Skills
skills/laststance/skills/syncing-docs-and-memory/Gen Agent Trust Hub

syncing-docs-and-memory

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various shell commands for repository inspection, diff analysis, and data processing.
  • Evidence: Use of git, gh, find, grep, wc, and custom CLI tools like gbrain and gstack-learnings across SKILL.md and references/memory-sources.md.
  • Evidence: Specifically executes a local script at ~/.claude/skills/gstack/bin/gstack-slug to determine the project identifier.
  • [DATA_EXFILTRATION]: The skill is designed to move project documentation data to external memory systems and platforms.
  • Evidence: Supports synchronization with Notion, Obsidian, Inkdrop, and Serena MCP as detailed in references/memory-sources.md.
  • Note: This behavior is the intended functionality of the skill and is explicitly gated by user opt-in phrases.
  • [PROMPT_INJECTION]: The skill processes markdown files from the project repository, which constitutes an indirect prompt injection surface.
  • Ingestion points: Reads README.md, AGENTS.md, CLAUDE.md, SPEC.md, and other discovered markdown files as described in SKILL.md.
  • Boundary markers: The skill does not specify the use of delimiters or boundary markers to separate untrusted markdown content from instructions during processing.
  • Capability inventory: The agent has the capability to modify local files via the Edit tool and write to external memory APIs (Notion, Obsidian, Inkdrop, etc.).
  • Sanitization: No explicit sanitization or filtering of the ingested markdown content is performed before it is analyzed or used to generate updates.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 03:47 PM
Security Audit — agent-trust-hub — syncing-docs-and-memory