memory

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill's logic is restricted to bridging communications with an internal SDK.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface, as its primary purpose is to ingest and retrieve external text data.
  • Ingestion points: The 'content' parameter in add_knowledge_chunk and the 'query' parameter in search_knowledge in main.py.
  • Boundary markers: No delimiters or isolation instructions are present in the tool definitions to separate user data from agent instructions.
  • Capability inventory: The skill is restricted to calling 'memory.append' and 'memory.search' via the 'deeting' SDK; it lacks access to the shell, network, or file system (main.py).
  • Sanitization: Ingested text is passed directly to the memory service without escaping or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 02:06 AM