Skills
skills/cloudvoyant/codevoyant/mem-help/Gen Agent Trust Hub

mem-help

Warn

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONNO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation references npx @codevoyant/agent-kit, which causes the agent to download external package content from the npm registry at runtime.
  • [REMOTE_CODE_EXECUTION]: By instructing the agent or user to execute commands via npx @codevoyant/agent-kit, the skill facilitates the execution of remote code. The package source is not verified, and the discrepancy between the author name (cloudvoyant) and the package name (@codevoyant) suggests the code originates from an unverified source.
  • [NO_CODE]: The skill consists exclusively of a markdown configuration file and does not include any local scripts or binary files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 20, 2026, 11:51 PM
Security Audit — agent-trust-hub — mem-help