memory
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill's logic is restricted to bridging communications with an internal SDK.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface, as its primary purpose is to ingest and retrieve external text data.
- Ingestion points: The 'content' parameter in add_knowledge_chunk and the 'query' parameter in search_knowledge in main.py.
- Boundary markers: No delimiters or isolation instructions are present in the tool definitions to separate user data from agent instructions.
- Capability inventory: The skill is restricted to calling 'memory.append' and 'memory.search' via the 'deeting' SDK; it lacks access to the shell, network, or file system (main.py).
- Sanitization: Ingested text is passed directly to the memory service without escaping or validation.
Audit Metadata