remember

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's primary function is to save arbitrary text to a MEMORY.md file, which the instructions state will be seen by the agent at the start of every session. This creates an indirect prompt injection surface where malicious instructions can be persisted and later influence the agent's behavior.
      ◦ Ingestion points: User-supplied text via the /si:remember command is written to SKILL.md (as described in Step 3).
      ◦ Boundary markers: The skill appends text to a list (- {{concise fact or pattern}}) but lacks delimiters or instructions for the agent to ignore embedded commands within those entries.
      ◦ Capability inventory: The skill possesses file read/write capabilities and shell command execution (grep, sed).
      ◦ Sanitization: No evidence of sanitization, filtering, or validation of the input content before it is committed to memory.
  • [COMMAND_EXECUTION]: The workflow involves executing shell commands to manage the memory directory and check for duplicates. Specifically, the use of grep -ni "<keywords>" "$MEMORY_DIR/MEMORY.md" relies on variable interpolation. If the input substituted for <keywords> contains shell metacharacters (e.g., semicolons, backticks), it could lead to arbitrary command execution within the agent's environment.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 11, 2026, 01:23 PM