satori

Functionally, the document accurately describes a memory integration that will persist and retrieve user-provided facts via a third-party CLI. The key security concerns are supply-chain execution risk (runtime npx of unpinned package), automatic credential provisioning/persistence, lack of content-filtering or redaction guidance (risk of saving secrets/PII), and limited transparency (silent writes, no endpoint/retention policy). There is no direct evidence inside this document of embedded malware or obfuscation, but the operational instructions materially increase attack surface and privacy exposure. Recommended mitigations before deploying: pin CLI versions and verify package provenance (checksums/signatures), require explicit per-item consent or allowlist before saving facts, implement client-side redaction of secrets/PII, log/save user-visible audit entries for stored facts, and audit the auto-provisioning flow and resulting ~/.config/satori/satori.json contents.