agent-memory-mcp

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones a repository from an unverified third-party GitHub repository (https://github.com/webzler/agentMemory.git).
  • [REMOTE_CODE_EXECUTION]: Setup requires running npm install and npm run compile on the untrusted external code, enabling arbitrary remote code execution on the host.
  • [COMMAND_EXECUTION]: The skill installation and operation involve executing several shell commands that interact with host filesystem paths.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface.
    1. Ingestion points: Workspace files via the memory_read and memory_search tools.
    2. Boundary markers: Absent.
    3. Capability inventory: Subprocess execution via npm and filesystem access.
    4. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 9, 2026, 11:33 PM