agent-memory
Warn
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its memory retrieval mechanisms.\n
- Ingestion points: Memory is retrieved using
mem.recall()andmem.get_lessons()as described inSKILL.md.\n - Boundary markers: There are no delimiters or explicit instructions to treat retrieved memory as potentially untrusted data.\n
- Capability inventory: The skill persists and recalls context which directly influences the agent's reasoning and future responses.\n
- Sanitization: No sanitization or validation of the stored content is described.\n- [EXTERNAL_DOWNLOADS]: The skill recommends installation via
clawdhub install agent-memory. This command downloads and installs code from an external registry.
Audit Metadata