memory-bridge
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions call for manually running a local helper script, 'node .claude/helpers/auto-memory-hook.mjs', to perform bulk imports.
- [DATA_EXFILTRATION]: The skill accesses sensitive markdown memory files located in the user's home directory at '~/.claude/projects//memory/.md'. This data is then transferred to 'AgentDB', a resource within the vendor's ecosystem, for semantic indexing.
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface through the ingestion of external markdown files.
  - Ingestion points: Reads files from project memory directories.
  - Boundary markers: None identified.
  - Capability inventory: Includes 'Bash', 'Read', and database interaction tools.
  - Sanitization: No content sanitization or validation is specified before indexing and embedding generation.