migrating-memory
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands, including
cpfor file manipulation,gitfor version control, and thelettaCLI for agent management. - [DATA_EXFILTRATION]: The migration process involves exporting and copying agent memory blocks, which typically contain sensitive historical data or user information. The use of
git pushresults in the network transmission of this data to a configured remote repository. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by facilitating the ingestion of memory content from an external source (another agent) without validation.
- Ingestion points: Memory files are imported from
/tmp/letta-memory-<agent-id>and~/.letta/agents/as described in the migration steps ofSKILL.md. - Boundary markers: The instructions do not define delimiters or provide specific prompts to the agent to disregard instructions embedded within the migrated data.
- Capability inventory: The agent has permissions to perform filesystem writes, execute management CLI commands, and perform network synchronization via Git.
- Sanitization: The skill lacks any steps for sanitizing, filtering, or verifying the integrity of the content being moved between agents.
Audit Metadata