cognitive-memory

The cognitive-memory skill presents a coherent and ambitious architecture for multi-store memory with audit trails and reflection. Its footprint is largely self-contained (local file-based stores, git/audit logging, and in-context memory graphs) and proportionate to its stated purpose. The main security considerations are around internal reflection data exposure, audit/log retention, and ensuring explicit user consent and access controls for sensitive internal monologue content. No evident credential harvesting or external data exfiltration patterns are described. The presence of local init scripts and filesystem-based stores is normal for a developer tooling context, but verify script provenance and restrict access to sensitive memory content. Overall, the skill is BENIGN with MEDIUM risk due to privacy-sensitive data flows and the potential for inadvertent exposure of internal monologue content.