exocortex
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The
exo_recall_memoriestool retrieves stored data into the agent context, creating a surface for indirect prompt injection if previously stored insights contain adversarial content. Evidence: 1. Ingestion:exo_recall_memoriessearch tool. 2. Boundary markers: None specified in the markdown. 3. Capability inventory: Memory storage, linkage, and retrieval tools. 4. Sanitization: Not described in the skill definition. - [External Reference] (LOW): The skill references an external GitHub repository (
fuwasegu/exocortex) that is not on the trusted organizations list. This is a documentation link and does not involve automated code execution or package installation. - [No Code] (SAFE): The skill consists solely of a markdown definition file without associated scripts or binaries, minimizing the direct execution attack surface.
Audit Metadata