agent-swarm-memory-manager

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: Authoritative directives such as "MANDATORY" and "priority: critical" are used to enforce specific behavioral patterns.
  • [PROMPT_INJECTION]: Indirect prompt injection surface exists through the shared coordination namespace.
      1. Ingestion points: Memory is retrieved via mcp__claude-flow__memory_usage as described in SKILL.md.
      2. Boundary markers: Absent; instructions do not provide delimiters or warnings to treat retrieved memory as untrusted.
      3. Capability inventory: The skill utilizes mcp__claude-flow__memory_usage for storage and retrieval operations across agent states.
      4. Sanitization: Absent; no validation or filtering is defined for the data stored in the shared index.
  • [DATA_EXFILTRATION]: The requirement to "Log all memory operations" and continuously sync state to a shared namespace could result in the exposure of sensitive session data within the coordination logs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:33 PM