mem-query
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructions advise using Grep search on patterns derived from user questions, which could lead to command injection if the underlying agent implementation executes these as shell commands without proper sanitization.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it retrieves content from memory files in the AI_MEMORY/ directory which are populated by previous, potentially untrusted, interactions.
  1. Ingestion points: Memory files in AI_MEMORY/L1-L4.
  2. Boundary markers: Absent; the skill does not define delimiters for retrieved memory content.
  3. Capability inventory: The skill has read access to the local filesystem for memory retrieval.
  4. Sanitization: Absent; no validation or escaping of the retrieved memory data is performed before processing.
Audit Metadata