writer-memory
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely as a local productivity utility with no evidence of malicious patterns or unauthorized data access.- [DATA_EXFILTRATION]: The skill maintains project state and history within a local
.writer-memory/directory. This access is transparently documented and necessary for the core functionality of providing persistent context between sessions.- [PROMPT_INJECTION]: The skill ingests user-provided text for story elements which is subsequently used in agent-generated outputs such as synopses and dialogue validations.\n - Ingestion points: Character arcs, attitudes, keywords, and scene notes provided by the user and stored in
.writer-memory/memory.json.\n - Boundary markers: Absent; user-provided data is interpolated directly into markdown templates.\n
- Capability inventory: The skill is limited to local file system read/write operations via the
fsmodule inlib/memory-manager.ts.\n - Sanitization: None; input is treated as raw text. While this creates a surface for indirect prompt injection, the impact is confined to the quality of the agent's story analysis and does not grant the skill additional capabilities.
Audit Metadata