exocortex
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill facilitates storing and retrieving data that could contain malicious instructions designed to override agent behavior.
  - Ingestion points: Memory content is recalled into the agent context via the `exo_recall_memories` tool in `SKILL.md`.
  - Boundary markers: The skill does not specify the use of delimiters (e.g., XML tags) to separate recalled memories from current task instructions.
  - Capability inventory: No high-risk tools (like shell execution) are defined within this specific skill file.
  - Sanitization: There is no instruction to sanitize or validate retrieved data before the agent processes it.
Audit Metadata