airsync
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a memory retrieval system that processes data from a shared knowledge base. While this represents a surface for indirect prompt injection, the system includes design patterns like a gated review process (INBOX to PUBLISHED) and citation requirements to mitigate the risk of malicious content being treated as instructions. \n
- Ingestion points: Memory content retrieved via memory_search and memory_get in SKILL.md. \n
- Boundary markers: The skill encourages source citation but does not explicitly define delimiters for retrieved content in its prompt examples. \n
- Capability inventory: The agent can propose, promote, and archive memories. \n
- Sanitization: No explicit content sanitization or instruction filtering is described. \n- [DATA_EXFILTRATION]: The skill facilitates the storage of knowledge in a managed memory system via the memory_propose tool. This is the intended purpose of the skill and is governed by specific safety rules that explicitly prohibit the inclusion of credentials, tokens, or personal data.
Audit Metadata