agent-memory-mcp

Warn

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The setup process requires cloning a repository from an untrusted GitHub account (https://github.com/webzler/agentMemory.git). Because the author and organization are not verified, the code being downloaded and subsequently executed could contain malicious logic.
  • COMMAND_EXECUTION (LOW): The skill instructions prompt the user to run npm install and npm run compile on the downloaded code. This can trigger arbitrary lifecycle scripts (preinstall, postinstall) defined in the external repository's package.json.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via stored memories.
    • Ingestion points: The memory_write tool accepts arbitrary string content from the agent or users.
    • Boundary markers: Absent; the skill descriptions do not mention the use of delimiters or instructions to ignore embedded commands in retrieved memories.
    • Capability inventory: The skill possesses filesystem access (read/write) within the defined target workspace.
    • Sanitization: Absent; there is no evidence of sanitization or validation of the content being stored in the memory bank.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 21, 2026, 10:28 AM