agent-memory-mcp

Fail

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning a repository from an unverified external source: https://github.com/webzler/agentMemory.git.
  • [REMOTE_CODE_EXECUTION]: The skill executes code from the downloaded repository via npm install and npm run, allowing arbitrary scripts to run on the host system.
  • [COMMAND_EXECUTION]: The skill instructions involve running shell commands that interact with the local filesystem and workspace paths.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by storing and retrieving untrusted data in its memory bank. Ingestion points: memory_write tool. Boundary markers: None specified. Capability inventory: memory_read, memory_write, and memory_search tools. Sanitization: Not documented.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 10, 2026, 01:13 AM