memory-processor

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes untrusted data (changed files, git diffs) to update project guidelines in CLAUDE.md.
      • Ingestion points: Changed files, content summaries, and Git context (commits, diffs).
      • Boundary markers: Absent; the skill does not specify delimiters to separate untrusted file content from processing logic.
      • Capability inventory: Reads files, uses grep for codebase searching, and writes to CLAUDE.md.
      • Sanitization: Absent; no explicit validation or escaping of ingested file content is mentioned before it is committed to documentation.
  • Command Execution (SAFE): The skill describes using grep and observing previous bash executions. These are standard operations for a developer tool and are used here for documentation verification rather than executing arbitrary attacker-controlled strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:42 PM