mom-recall

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local CLI tool named mom with the recall subcommand. This tool appears to be a vendor-specific resource associated with the skill author.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through command interpolation.
    • Ingestion points: User-provided natural language queries are captured as the <query> variable in SKILL.md.
    • Boundary markers: The input is wrapped in double quotes ("<query>") within the bash command.
    • Capability inventory: The skill has the capability to execute shell commands via the Bash tool as defined in the allowed-tools frontmatter.
    • Sanitization: There is no explicit sanitization or escaping of the user input beyond the use of double quotes. Because Bash still expands backticks (`) and command substitution syntax ($(...)) inside double quotes, this leaves a surface for potential command injection if the input contains such shell-active characters.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 05:03 PM