memory
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses curl to interact with the Rebyte API endpoints for managing memories and retrieving conversation history.
- [DATA_EXFILTRATION]: User memories and previous task prompts are transmitted to the platform API endpoint specified by the $API_URL variable. This activity is consistent with the vendor's architectural design.
- [PROMPT_INJECTION]: The skill retrieves and processes historical conversation content and saved facts which may contain untrusted data.
- Ingestion points: Data returned from the /api/data/memory/search and /api/data/memory/recall endpoints in SKILL.md.
- Boundary markers: No explicit delimiters or isolation instructions are provided to separate recalled content from current instructions.
- Capability inventory: The agent maintains the ability to execute shell commands (curl) after processing the retrieved information.
- Sanitization: The content retrieved from the memory API is not subjected to validation or sanitization within the skill.
Audit Metadata