memex-fallback

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell logic to detect the availability of codeagent-wrapper and memex-cli, subsequently executing these tools to process tasks.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to the interpolation of untrusted task content into execution blocks.
  • Ingestion points: Data is ingested via the <TASK> and <content> placeholders in the SKILL.md execution templates.
  • Boundary markers: Uses <TASK> tags and ---CONTENT--- headers as delimiters to isolate the injected content.
  • Capability inventory: The skill can execute shell commands through the identified CLI tools and interact with the local filesystem via the $PWD variable.
  • Sanitization: Uses shell heredoc quoting (<<'EOF') to prevent variable expansion at the shell level, but lacks explicit filtering or validation of the instructions contained within the task blocks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 04:43 PM
Security Audit — agent-trust-hub — memex-fallback