Skills
skills/vectorize-io/hindsight/hindsight-local/Gen Agent Trust Hub

hindsight-local

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use uvx to download and execute the hindsight-embed package from a public registry.
  • [COMMAND_EXECUTION]: The skill relies on the execution of multiple shell commands via the uvx package runner to manage the memory daemon and perform data operations.
  • [CREDENTIALS_UNSAFE]: The configuration step (uvx hindsight-embed configure) explicitly prompts the user to input LLM provider API keys, which are then handled and stored by the external hindsight-embed tool.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
  • Ingestion points: Data is ingested via the uvx hindsight-embed memory recall command (referenced in SKILL.md).
  • Boundary markers: The instructions do not define delimiters or specific 'ignore embedded instructions' warnings for recalled context.
  • Capability inventory: The agent has the capability to execute shell commands and write to memory via the uvx tool (referenced in SKILL.md).
  • Sanitization: There is no evidence of sanitization or validation of the content retrieved from the memory store before it is used as context for the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 12:00 PM