agent-memory-mcp

Warn

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning a repository from an external source (https://github.com/webzler/agentMemory.git) that is not associated with the skill author's verified resources.
  • [REMOTE_CODE_EXECUTION]: The setup instructions involve running npm install, npm run compile, and npm run start-server on code fetched from an external source, which allows for arbitrary code execution from an untrusted third party.
  • [COMMAND_EXECUTION]: The installation and execution process requires several shell commands, including git clone and npm scripts, to configure the environment and run the server.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection (Category 8).
      ◦ Ingestion points: Data from the memory system is ingested into the agent context via the memory_search and memory_read tools.
      ◦ Boundary markers: There are no markers or instructions in the skill to delimit memory content or treat it as untrusted data.
      ◦ Capability inventory: The skill allows the execution of subprocesses (npm scripts) and management of workspace data.
      ◦ Sanitization: No sanitization or validation of the stored memory content is mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 13, 2026, 11:35 PM