memory-ingest
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data and has the capability to modify the agent's knowledge base, presenting an attack surface for indirect prompt injection.
- Ingestion points: Unstructured external input (meeting transcripts, conversation logs, pasted documents) is ingested as described in
SKILL.md. - Boundary markers: The instructions lack explicit directives for the agent to ignore instructions embedded within the ingested text or to treat the input solely as data.
- Capability inventory: The skill employs
write_notefor creating and updating files andsearch_notesfor reading existing data. - Sanitization: There is no evidence of sanitization or validation of the external content before it is parsed and stored in the memory system.
Audit Metadata