retrieval-policy

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines instructions for the agent to execute shell commands using the memory-daemon CLI utility. These commands are used for status checks, intent classification, and query routing within the local environment.
  • [DATA_EXPOSURE]: The skill references and accesses its own configuration file at ~/.config/agent-memory/config.toml. This access is standard for managing application-specific parameters like timeouts and depth limits and does not involve accessing sensitive system files or credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided query strings by passing them as arguments to CLI tools. Ingestion points: User queries enter the system via the memory-daemon retrieval classify and route commands. Boundary markers: The instructions explicitly use double quotes to encapsulate query strings (e.g., "<query>"), which helps prevent command injection. Capability inventory: The skill relies on the execution of the memory-daemon binary. Sanitization: The skill uses basic shell quoting as a delimiter for user input.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 05:55 AM
Security Audit — agent-trust-hub — retrieval-policy