ansor-memory

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it is designed to ingest and store untrusted data from external platforms.
      • Ingestion points: Data enters the system as snippet content in the evidence_item table via the ansor / create_record tool call, pulling from sources like Slack, Linear, and HubSpot (SKILL.md).
      • Boundary markers: The skill does not provide instructions or patterns for using delimiters or "ignore embedded instructions" warnings when processing or retrieving these data snippets.
      • Capability inventory: The skill utilizes the ansor MCP server to perform database queries and record creation/updates within the product_os database (SKILL.md).
      • Sanitization: There is no documentation or implementation of sanitization, escaping, or validation for content received from external integrations before it is stored or displayed to other agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 01:18 AM