memos-cloud-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly calls the MemOS cloud API (BASE_URL https://memos.memtensor.cn/api/openmem/v1 via memos_cloud.py) and its README/SKILL.md require the Agent to search and consume user-generated memories which are then used to influence replies and actions, exposing the Agent to untrusted third-party content that could contain indirect instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill performs runtime POSTs to the MemOS API at https://memos.memtensor.cn/api/openmem/v1 (BASE_URL) to fetch user memories that are injected into the agent's context and thus directly influence prompts, and the script requires that external service (and an API key) to operate.