archiving
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several maintenance and utility scripts (e.g., unique-filename.sh, snapshot-save.sh, writing-reset.sh) located within the platform's script directory to manage file organization and environment resets.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-controlled data from project markdown files (design, plan, findings) to derive summaries and memory optimizations. While this represents a potential surface for indirect injection, the skill mitigates risk by requiring user review and confirmation before applying any changes to the permanent memory files.
- Ingestion points: Processes content from .writing/design.md, .writing/plan.md, .writing/progress.md, and .writing/findings.md.
- Boundary markers: Explicit boundary markers or instructions to ignore embedded content are not present in the interpolation templates.
- Capability inventory: Includes file system manipulation (mkdir), execution of maintenance scripts, and the ability to modify internal memory files via editing tools.
- Sanitization: No specific sanitization or filtering of the ingested content is described before it is proposed for memory updates.
Audit Metadata