memory-pill

This skill is functionally coherent with its stated purpose (providing persistent structured memory, prompt expansion, and agent-driven tasks) but it carries moderate security risk due to autonomy and broad filesystem writes. The most concerning points are: explicit instructions to create workspace structure without asking the user, an agent-first spawning model that enables automated file creation and edits, and an implied outbound 'morning briefing' flow with unspecified destinations. There is no evidence of network-based credential harvesting, obfuscation, or explicit malicious payloads in the provided text; however the combination of silent filesystem writes, automated agents, and data aggregation raises supply-chain and privacy concerns. I assess this as not overtly malicious but suspicious/vulnerable: it's appropriate to require explicit user consent before first-use setup, restrict or audit agent actions, document where any outbound briefings are sent (and require user opt-in), and provide guidance on avoiding storing secrets in memory files or using encryption/access controls.