dive-memory-v3
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (LOW): The skill implements automated context injection of past memories. This presents an indirect prompt injection surface.
- Ingestion points: Memories are added via the memory_add tool or the Python API.
- Boundary markers: Absent; documentation does not specify the use of delimiters when injecting context, which may lead the model to confuse past memories with current instructions.
- Capability inventory: The skill has local file-system access (SQLite) and network access for cloud synchronization.
- Sanitization: No sanitization of stored content is mentioned in the documentation or provided protocol code.
- DATA_EXFILTRATION (LOW): The skill includes a 'Cloud Sync' feature to transmit memory data to external S3-compatible storage. While this is an advertised feature, users should ensure bucket policies and credentials are managed securely to prevent unauthorized data access.
- NO_CODE (SAFE): Several core logic files (dive_memory.py, mcp_server.py, and sync_to_cloud.py) are missing from the provided bundle. This analysis is based on the protocol implementation, CLI tool, and technical documentation.
Audit Metadata