memory-fabric
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is focused on providing a logic layer for knowledge graph orchestration and does not contain any malicious code or instructions.
- [EXTERNAL_DOWNLOADS]: The skill documentation references the
@anthropic/memory-mcp-serverpackage, which is a trusted dependency provided by Anthropic. - [PROMPT_INJECTION]: The skill processes user-supplied natural language to extract entities and relations, which is an inherent indirect prompt injection surface.
- Ingestion points: User queries are ingested in Step 1 of the Unified Search Workflow in
SKILL.mdand in the Entity Extraction algorithm inreferences/entity-extraction.md. - Boundary markers: The skill relies on natural language parsing and regex patterns rather than explicit delimiters for untrusted data.
- Capability inventory: The skill has the ability to create, search, and delete entities and relations in the knowledge graph using tools like
mcp__memory__create_entitiesandmcp__memory__delete_entities. - Sanitization: The skill significantly mitigates risk by enforcing graph consistency rules (
rules/graph-consistency.md) and requiring explicit user confirmation before any pruning or deletion of data (rules/stale-node-detection.md).
Audit Metadata