datadata-memory
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages persistent memory through a specific MCP server provided by the vendor. It follows standard practices for data persistence and does not access sensitive system resources, credentials, or unauthorized external domains.
- [SAFE]: Analysis of indirect prompt injection surfaces confirms that the skill is designed to process untrusted data as its primary function, but it lacks exploitable capabilities that would elevate the risk.
- Ingestion points: User input enters the system via
memory_addandmemory_updatetools, and is subsequently retrieved throughmemory_searchas described inSKILL.mdandreferences/memory-guide.md. - Boundary markers: The instructions do not specify the use of clear delimiters or instructions to ignore embedded content when the agent processes retrieved memories.
- Capability inventory: The agent's tools are strictly limited to the
mcp_datadata_memory_*suite for CRUD operations on memories. There is no access to shell execution, arbitrary file system operations, or network exfiltration tools. - Sanitization: No explicit sanitization or input validation logic is defined in the provided skill instructions or reference guides.
Audit Metadata