memory-auditor-cowork
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs file operations including writing and editing .md files in the .auto-memory/ directory. These actions are triggered based on the analysis of memory layers but require explicit user confirmation for each step as defined in the Instructions section of SKILL.md.
- [PROMPT_INJECTION]: The skill processes content from user-controlled files which creates an indirect prompt injection surface. Ingestion points: Content is collected from .auto-memory/ files and CLAUDE.md in SKILL.md (Step 1). Boundary markers: Absent (instructions do not specify delimiters or warnings for embedded content). Capability inventory: The skill utilizes Read, Write, Edit, Glob, and Grep across the workspace. Sanitization: Absent (no explicit sanitization of file content before analysis).
Audit Metadata