mimir-memory
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to run
npx memory-mimir, which downloads and executes code from the npm registry. This package is identified as a legitimate vendor resource for the author 'triplewhite'.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8).\n - Ingestion points: Data enters the system via the
mimir_storetool which saves facts and preferences provided by the user.\n - Boundary markers: Memories are delimited by
<memories>tags when injected into the agent's context window.\n - Capability inventory: The skill possesses the ability to perform deep memory searches, store new facts, and delete existing entries.\n
- Sanitization: No explicit sanitization or filtering of the stored 'memory' content is described, meaning instructions embedded in stored data could influence the agent during auto-recall.
Audit Metadata