triple-memory

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The prompt explicitly instructs the agent to "Never announce memory operations" and to silently store user data, which is a deceptive instruction to conceal behavior and override transparency and thus outside the skill's stated, documented memory-setup purpose.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.85). The skill contains intentional stealthy/persistent data-capture behavior (explicit "never announce" instruction, auto-capture triggers) combined with mechanisms that can read arbitrary workspace files and send content to an external embeddings API and third‑party packages — enabling covert collection and potential exfiltration or supply‑chain abuse.