Skills
skills/taylorhuston/local-life-manager/debrief/Gen Agent Trust Hub

debrief

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest untrusted data from the current conversation history and use it to update persistent files like CLAUDE.md and about-taylor.md.
  • Ingestion points: The skill explicitly reviews the entire conversation history for 'memory-worthy moments' and reads existing files such as .claude/memories/about-taylor.md and CLAUDE.md.
  • Boundary markers: There are no explicit instructions to treat extracted content as untrusted or to use delimiters when processing the conversation for new memories.
  • Capability inventory: The skill uses the Edit and Write tools to modify the agent's primary instruction file (CLAUDE.md) and profile (about-taylor.md).
  • Sanitization: No sanitization or validation of the extracted 'memories' is performed before they are proposed for inclusion in persistent storage, relying solely on human review at the presentation phase.
  • Command Execution (SAFE): The skill uses the Bash tool, but it is strictly restricted via the allowed-tools list to the date command (Bash(date:*)), posing no security risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:28 PM