memory-search

No explicit malicious code or hardcoded credentials are present in the provided text. The primary security concern is the supply-chain and data-exfiltration risk introduced by the unpinned 'git clone' + 'run install-memory-tools.sh' workflow and the lack of documentation about where the installed tooling communicates or stores indexes. Treat this component as requiring manual audit before use: verify and pin installer sources, inspect install scripts, run installation in an isolated environment, and ensure all index/network operations are local or explicitly authorized to avoid leaking conversation data.