datadata-memory

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill manages persistent memory through a specific MCP server provided by the vendor. It follows standard practices for data persistence and does not access sensitive system resources, credentials, or unauthorized external domains.
  • [SAFE]: Analysis of indirect prompt injection surfaces confirms that the skill is designed to process untrusted data as its primary function, but it lacks exploitable capabilities that would elevate the risk.
  • Ingestion points: User input enters the system via memory_add and memory_update tools, and is subsequently retrieved through memory_search as described in SKILL.md and references/memory-guide.md.
  • Boundary markers: The instructions do not specify the use of clear delimiters or instructions to ignore embedded content when the agent processes retrieved memories.
  • Capability inventory: The agent's tools are strictly limited to the mcp_datadata_memory_* suite for CRUD operations on memories. There is no access to shell execution, arbitrary file system operations, or network exfiltration tools.
  • Sanitization: No explicit sanitization or input validation logic is defined in the provided skill instructions or reference guides.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 11:35 AM
Security Audit — agent-trust-hub — datadata-memory