memory-hygiene
Warn
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to execute destructive shell commands (
rm -rf ~/.clawdbot/memory/lancedb/) to wipe memory and commands to restart the gateway service. It also includes instructions to create a persistent monthly task via a cron tool to automate these actions.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) through its memory maintenance automation. 1. Ingestion points: Data is ingested from theMEMORY.mdfile during the reseed phase of the monthly maintenance job. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present when parsing the external file. 3. Capability inventory: The skill can execute filesystem commands (rm -rf), modify service configuration (gateway action=config.patch), and schedule persistent jobs (cron action=add). 4. Sanitization: The skill lacks logic to sanitize or validate content before storing it in vector memory or using it in automated jobs.
Audit Metadata