recallmax
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of ingesting untrusted external data.
- Ingestion points: Ingests external context (documents and RAG results) as specified in SKILL.md.
- Boundary markers: Absent. No delimiters are defined to isolate external data from instructions.
- Capability inventory: Performs summarization and history compression (SKILL.md).
- Sanitization: Absent. No filtering of ingested content is described.
- [EXTERNAL_DOWNLOADS]: The skill references external sources for installation and repository hosting.
- Links to the author's GitHub repository and a marketplace platform hosted on Vercel.
Audit Metadata