memory-documentary

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as grep and the GitHub CLI (gh) to perform systematic searches across local project artifacts and external issue trackers. These operations are performed within the expected scope of creating a documentary report.
  • [DATA_EXFILTRATION]: The skill accesses sensitive project data, including session logs, retrospective reports, and architecture decisions. This information is processed locally to generate a summarized report for the user, which is the skill's primary stated function.
  • [PROMPT_INJECTION]: The skill features an indirect prompt injection surface as it ingests untrusted data from GitHub issues and comments. However, the risk is addressed by the protocol's requirement for structured report generation and the use of direct quotes, which limits the potential for external content to manipulate agent behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 26, 2026, 03:46 PM