tencentdb-agent-memory

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @tencentdb-agent-memory/memory-tencentdb package via npm and references official resources from Tencent's GitHub organization.
    • Package: @tencentdb-agent-memory/memory-tencentdb
    • Source: Tencent (Trusted Vendor)
  • [COMMAND_EXECUTION]: Provides instructions to execute a shell script scripts/openclaw-after-tool-call-messages.patch.sh to configure the runtime environment.
    • This script is part of the vendor's provided tooling for the OpenClaw gateway integration.
  • [DATA_EXFILTRATION]: Configuration options allow the agent to send conversation data to api.lkeap.cloud.tencent.com (Tencent Cloud) or OpenAI APIs for memory distillation and embedding.
    • These are well-known, trusted services and their use is consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill uses a Retrieval-Augmented Generation (RAG) approach to augment system prompts with recalled memories, creating a surface for indirect prompt injection.
    • Ingestion points: Ingests conversation logs and atomic facts from the local database.
    • Boundary markers: Recalled facts are interpolated into the system prompt without explicit safety delimiters or ignore-instructions warnings.
    • Capability inventory: Includes file-writing (to refs/ directory) and database management operations.
    • Sanitization: No explicit sanitization of recalled memory content is demonstrated in the prompt construction examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 08:22 AM