mem9-store

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to send user-provided data to an external API at https://api.mem9.ai (or a URL defined by the MEM9_API_URL environment variable). Because the destination belongs to the skill vendor (mem9-ai) and the action is the primary intended function of the skill, this is documented as normal operational behavior.
  • [COMMAND_EXECUTION]: The skill uses a curl command within a Bash environment to perform network requests. It relies on environment variables MEM9_API_URL and MEM9_TENANT_ID for configuration.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted user data to construct a command-line argument for curl.
      • Ingestion points: Untrusted data enters the context via the user's request to 'remember' or 'save' information.
      • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the extracted memory content.
      • Capability inventory: The skill utilizes curl for network operations and identifies Bash as an allowed tool.
      • Sanitization: No sanitization or escaping mechanisms are defined for the data interpolated into the JSON payload of the curl command.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 10:55 PM