ansor-memory

The skill’s behavior is broadly aligned with its stated purpose: it documents how to read and write PM memory records in an external MCP-backed database. There is no download-execute chain, no credential harvesting logic, and no suspicious proxy/exfiltration endpoint in the skill text. The main risk is trust and visibility: the required ansor MCP server is an external executable/service whose public provenance is not verifiable from the provided evidence, and the skill can write potentially sensitive workspace context into that external system. Overall this is better classified as suspicious due to unverifiable dependency trust and external data persistence, not malicious intent.