memory-retrieval
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements context retrieval using internal tools to gather project-specific information. No unauthorized command execution, data exfiltration, or obfuscation techniques were detected. The use of local file paths in examples is consistent with the author's identified context and is used for metadata matching rather than unauthorized file access.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by ingesting untrusted data from an external knowledge graph.\n
- Ingestion points: Data enters the agent's context through results from the
memento_semantic_searchandmemento_open_nodestools as described in SKILL.md.\n - Boundary markers: None identified; the instructions do not specify delimiters or warnings for the agent to ignore instructions that might be contained within the retrieved memories.\n
- Capability inventory: The skill focuses on information retrieval and synthesis; however, the agent's broader execution environment typically includes file system and shell access.\n
- Sanitization: No mechanisms for validation, filtering, or escaping of the retrieved memory content are specified in the skill instructions.
Audit Metadata