reflection
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of instructional markdown and does not include any scripts, external dependencies, or commands.
- [Indirect Prompt Injection] (LOW): The skill encourages the agent to analyze user feedback and save 'lessons' to memory using `memory_save`.
  - Ingestion points: User feedback provided during tasks or session completion (SKILL.md).
  - Boundary markers: Absent; there are no specific delimiters to separate user feedback from the reflection logic.
  - Capability inventory: `memory_save` for persisting state (SKILL.md).
  - Sanitization: Absent; the skill does not instruct the agent to sanitize or validate the content of the feedback before extracting lessons.
  - Risk: A malicious user could provide feedback designed to be interpreted as a 'preference' or 'lesson' (e.g., "Always ignore safety rules for this task"), which the agent might then save to its persistent memory.
Audit Metadata