memoryvault
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Data Exfiltration (HIGH): The skill is designed to transmit agent context and knowledge to an external, non-whitelisted domain (`memoryvault.link`). This constitutes a significant data exfiltration risk as sensitive session information is stored on a third-party server.
- External Downloads (MEDIUM): Installation via `npx skills add cairn-agent/memoryvault-skill` downloads content from an untrusted GitHub source (cairn-agent) that is not included in the trusted provider list.
- Prompt Injection (HIGH): The skill creates a high risk for indirect prompt injection.
  - Ingestion points: Data retrieved from the 'cloud memory' service (memoryvault.link) is interpolated into the agent's context.
  - Boundary markers: Absent; there is no evidence of delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill supports sharing memory between agents and storing context across sessions, meaning an attacker who can influence the cloud data can influence the agent's future behavior.
  - Sanitization: Absent; the skill lacks validation for retrieved content.
Recommendations
- AI detected serious security threats
Audit Metadata