elite-longterm-memory
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill operates as a utility for persistent context management using standard file operations and verified third-party service integrations.
- [COMMAND_EXECUTION]: The skill includes a Node.js CLI tool (
bin/elite-memory.js) used for initializing the memory structure and generating daily logs. Analysis confirms it only performs local file system operations within the workspace. - [EXTERNAL_DOWNLOADS]: Instructions recommend the installation of the
mem0aipackage and optional integration with the SuperMemory API. These are well-known services for AI agent development and do not involve suspicious or unverified sources. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) inherent to its role as a memory system.
- Ingestion points:
SESSION-STATE.md,MEMORY.md, and daily logs in thememory/directory. - Boundary markers: Absent; the system uses standard Markdown files for storage without explicit delimiters for untrusted content.
- Capability inventory: The agent is instructed to read these files as primary context and write to them using standard file-system capabilities.
- Sanitization: Absent; the system relies on the LLM's internal safety filters and logic when processing remembered information.
Audit Metadata