agent-global-context-recall
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from local files into the agent's context.
- Ingestion points: Reads
config.yaml,index.md, and various priority level (P0-P4) files from the memory root directory (SKILL.md). - Boundary markers: The instructions do not specify the use of delimiters or provide warnings to ignore potential instructions embedded within the recalled files.
- Capability inventory: The skill is primarily focused on file read operations to establish project and user context.
- Sanitization: There is no evidence of sanitization, escaping, or validation of the content loaded from the global context directory.
Audit Metadata