memory-md
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes content from a local file (MEMORY.md), which serves as an indirect prompt injection surface if the file is modified by untrusted contributors in a shared repository environment.
- Ingestion points: Instructions in SKILL.md direct the agent to read MEMORY.md for project context at the start of conversations.
- Boundary markers: No specific delimiters or safety wrappers are defined to separate the file content from system instructions.
- Capability inventory: The skill is intended to perform read and write operations on local repository files.
- Sanitization: No content validation or sanitization process is specified for the data read from the file beyond conforming to specified bullet point patterns.
Audit Metadata