puda-memory
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes contents from protocol JSON files and log files to update a central project.md file. This creates an indirect prompt injection surface where malicious instructions embedded in these files could influence the agent's behavior during the update process.
- Ingestion points: SKILL.md specifies reading from protocols/ and logs/ directories.
- Boundary markers: No explicit markers or "ignore instructions" warnings are defined for the imported content.
- Capability inventory: The skill performs file read and write operations on local markdown, JSON, and log files.
- Sanitization: No sanitization or validation of the content from logs or protocols is specified.
Audit Metadata