memory-persist
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements persistent storage using local file I/O directed at a specific application directory (~/.thepopebot), which is standard for the described functionality and consistent with the vendor's naming conventions.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it stores and retrieves arbitrary data without delimiters. 1. Ingestion points: Untrusted data enters via memory_store() in memory-persist.js. 2. Boundary markers: No delimiters or ignore instructions are present in the output of memory_recall(). 3. Capability inventory: The script performs file read/write operations on the host filesystem. 4. Sanitization: No validation or escaping is applied to stored values.
Audit Metadata