memories-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides setup instructions for various clients (e.g., Claude Code, Cursor) that involve downloading and executing the
@memories.sh/clipackage from the NPM registry usingnpx. This is the standard delivery mechanism for the memories.sh MCP server. - [EXTERNAL_DOWNLOADS]: The skill references an official cloud endpoint at
https://memories.sh/api/mcpfor users opting for cloud-hosted transport instead of local execution. - [SAFE]: All identified external resources (NPM package and API endpoint) are consistent with the 'memories.sh' product name and the author 'webrenew'. The skill uses placeholders for sensitive information like API keys and contains no obfuscated code or malicious prompt instructions.
Audit Metadata