memory-prune
Warn
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing a PowerShell script with
-ExecutionPolicy Bypass. While commonly used for automation, this bypasses local security restrictions intended to prevent unauthorized script execution. - [COMMAND_EXECUTION]: The script uses
Move-Item,Rename-Item, andNew-Itemto modify the local file system. While the intended use is pruning memory entries, the script operates on a user-controlled path ($env:USERPROFILE/.claude/projects/...) which could be misused if paths are manipulated. - [COMMAND_EXECUTION]: The script uses
Read-Hostto take user input and then processes it using aswitch -Regex. While current inputs (k,a,p,s,q) are handled safely, this pattern is a common injection surface in more complex scripts. - [PRIVILEGE_ESCALATION]: The skill instructs the user to run the script with
-ExecutionPolicy Bypass, which is a low-level privilege escalation technique used to run unsigned or restricted scripts on Windows systems.
Audit Metadata