memory-ingest

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data and has the capability to modify the agent's knowledge base, presenting an attack surface for indirect prompt injection.
  • Ingestion points: Unstructured external input (meeting transcripts, conversation logs, pasted documents) is ingested as described in SKILL.md.
  • Boundary markers: The instructions lack explicit directives for the agent to ignore instructions embedded within the ingested text or to treat the input solely as data.
  • Capability inventory: The skill employs write_note for creating and updating files and search_notes for reading existing data.
  • Sanitization: There is no evidence of sanitization or validation of the external content before it is parsed and stored in the memory system.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:14 PM
Security Audit — agent-trust-hub — memory-ingest