remember
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied input through the $ARGUMENTS variable to extract concepts and file paths. While this is the core intended functionality, the absence of explicit boundary markers around the interpolated user input creates a surface for indirect prompt injection, where a user might attempt to influence the agent's extraction logic.
- [COMMAND_EXECUTION]: The skill interacts with the system solely through the memory_save MCP tool. This tool call is restricted to the pre-configured agentmemory server and does not allow for arbitrary shell command execution.
Audit Metadata