adding-memory
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation instructs the agent to execute the
ov add-memorycommand to persist conversation data. This is a local command execution associated with the OpenViking toolset. - [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by capturing untrusted conversation data and storing it in a persistent database for future retrieval. * Ingestion points: Conversation role and content data passed to the
ovCLI. * Boundary markers: None specified in the usage examples. * Capability inventory: Local system command execution via theovtool. * Sanitization: No explicit input validation or sanitization is described in the skill.
Audit Metadata