skills/anian0/pick-skills/memos-skill/Gen Agent Trust Hub

memos-skill

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface because it retrieves and processes untrusted content from a remote Memos instance.
      • Ingestion points: Memo content is fetched via endpoints such as GET /api/v1/memos and GET /api/v1/memos/{memo} as documented in the skill instructions.
      • Boundary markers: No explicit delimiters or instructions are provided to help the agent distinguish between retrieved data and its own system instructions.
      • Capability inventory: The agent can perform network requests and write to the local file system.
      • Sanitization: No sanitization or validation of the remote memo content is described.
  • [COMMAND_EXECUTION]: The skill instructs the agent to manage its own configuration by writing to a config.json file within the skill directory. This involves the generation and storage of local data based on user input.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 05:50 AM