agent-memory-mcp

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The setup process involves cloning a repository from an untrusted source (github.com/webzler/agentMemory.git). This source is not on the list of trusted organizations and has not been verified for security.
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill instructs the agent to perform npm install, npm run compile, and npm run start-server on the cloned code. This is a direct execution path for any malicious code contained in the external repository.
  • [COMMAND_EXECUTION] (HIGH): The skill requires shell access to build and run an MCP server and a dashboard, which gives an attacker-controlled codebase full user-level permissions on the host system.
  • [DATA_EXFILTRATION] (MEDIUM): The skill is designed to manage 'Architecture, Patterns, and Decisions', which are sensitive data points. The untrusted code has access to this data and the ability to start a web server/dashboard (localhost:3333), posing a risk of data exfiltration.
  • [INDIRECT_PROMPT_INJECTION] (MEDIUM): The memory_write capability ingests untrusted content. If an agent records malicious instructions disguised as 'knowledge' and later retrieves them via memory_search or memory_read, it could lead to the agent following unauthorized instructions (Indirect Prompt Injection).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:05 PM