agent-memory-archiver
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists exclusively of Markdown-based instructions and metadata. It does not ship with any executable scripts, Python packages, Node.js modules, or binary files.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were identified. The instructions describe a standard archival process intended for maintaining project history.
- [PROMPT_INJECTION]: The skill describes a role-play scenario for a memory archival specialist and processes untrusted session data. Ingestion points include CLAUDE.md and session history files. No specific boundary markers or sanitization steps are defined for the extracted content. The documentation mentions the imported agent utilizes Bash and Write tools, which defines a potential indirect prompt injection surface despite no malicious code being present.
Audit Metadata