triple-memory
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill provides a robust architecture for persistent memory using established local and vendor-provided tools.
- [COMMAND_EXECUTION]: The skill facilitates the execution of local scripts for synchronizing memory and searching the workspace ($WORKSPACE/scripts/file-search.sh and memory.py). These operations are confined to the user's defined workspace.
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions to install a complementary skill (git-notes-memory) using the vendor's own hub tool (thinkfleet-hub), which is consistent with the author's ecosystem.
- [PROMPT_INJECTION]: The skill inherently possesses a surface for indirect prompt injection because its primary function is to retrieve data from files (MEMORY.md) and conversation logs to provide context to the agent. 1. Ingestion points: Reads data from workspace files and the LanceDB vector store. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are described in the setup. 3. Capability inventory: The agent can execute local shell and Python scripts and interface with plugins. 4. Sanitization: No explicit content filtering or sanitization of retrieved memories is present in the skill's instructions.
Audit Metadata