Skills
skills/sundial-org/awesome-openclaw-skills/second-brain/Gen Agent Trust Hub

second-brain

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script at scripts/ensue-api.sh to communicate with the Ensue backend.
  • [EXTERNAL_DOWNLOADS]: Uses curl within the ensue-api.sh script to send POST requests to https://api.ensue-network.ai/ for retrieving and searching memories.
  • [DATA_EXFILTRATION]: Transmits user-provided notes, concepts, and toolbox entries to the external Ensue API for storage. This behavior is clearly documented as the primary function of the 'Second Brain' skill.
  • [PROMPT_INJECTION]: Potential for indirect prompt injection (Category 8) identified:
  • Ingestion points: External data enters the agent context through the get_memory and discover_memories operations defined in scripts/ensue-api.sh.
  • Boundary markers: The skill instructions do not specify the use of delimiters or 'ignore' instructions when presenting retrieved content to the agent.
  • Capability inventory: The skill includes scripts for creating, updating, and deleting memory entries, allowing for write operations based on agent instructions.
  • Sanitization: There is no evidence of sanitization or content validation performed on the data returned from the Ensue API.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 01:24 PM