memory-bank

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, exfiltration, or unauthorized code execution were detected. The skill is focused on local data persistence and organization.
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the rg (ripgrep) CLI tool to perform searches within the ./memory/ directory. These commands are scoped to the local environment and are used for keyword and tag-based retrieval of saved notes.
  • [PROMPT_INJECTION]: The skill's primary function—storing and recalling user-influenced content—creates a surface for indirect prompt injection. If an agent saves and later recalls malicious instructions provided during a previous session, it could influence future behavior.
      • Ingestion points: Files stored within the ./memory/ directory (referenced throughout SKILL.md).
      • Boundary markers: None identified in the provided templates for memory files.
      • Capability inventory: Local file read/write operations and ripgrep search functionality (referenced in SKILL.md).
      • Sanitization: The skill does not provide explicit mechanisms for sanitizing or escaping content before it is re-injected into the agent's context during retrieval.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 12:45 AM