memory

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The memory.sh script executes shell commands and invokes python3 to manage data storage.
  • [REMOTE_CODE_EXECUTION]: The script memory.sh contains a critical code injection vulnerability. It interpolates shell variables directly into Python heredocs (e.g., value = """$VALUE"""). Because these variables contain unsanitized user input, an attacker can use triple quotes to terminate the Python string and execute arbitrary Python code, which can then be used to execute shell commands.
  • [DATA_EXFILTRATION]: Although the skill is designed for local storage in ~/.agent-memory/memory.json, the code injection flaw allows an attacker to read this file or any other sensitive file on the system and potentially transmit the contents over the network.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 1, 2026, 05:11 AM