memory-prune

Warn

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for executing a PowerShell script with -ExecutionPolicy Bypass. While commonly used for automation, this bypasses local security restrictions intended to prevent unauthorized script execution.
  • [COMMAND_EXECUTION]: The script uses Move-Item, Rename-Item, and New-Item to modify the local file system. While the intended use is pruning memory entries, the script operates on a user-controlled path ($env:USERPROFILE/.claude/projects/...) which could be misused if paths are manipulated.
  • [COMMAND_EXECUTION]: The script uses Read-Host to take user input and then processes it using a switch -Regex. While current inputs (k, a, p, s, q) are handled safely, this pattern is a common injection surface in more complex scripts.
  • [PRIVILEGE_ESCALATION]: The skill instructs the user to run the script with -ExecutionPolicy Bypass, which is a low-level privilege escalation technique used to run unsigned or restricted scripts on Windows systems.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — memory-prune