mem-remember
Fail
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses `npx` to download and execute the `@codevoyant/agent-kit` package. This pattern allows for the execution of arbitrary code fetched from a remote registry at runtime.
- [EXTERNAL_DOWNLOADS]: The skill fetches the `@codevoyant/agent-kit` package from the public npm registry during execution.
- [COMMAND_EXECUTION]: The skill executes shell commands to perform memory indexing and suggests modifying `CLAUDE.md` to establish persistence for the tool across future sessions.
- [PROMPT_INJECTION]: The skill performs a bulk dump of knowledge into the context without using boundary markers or sanitization, creating a surface for indirect prompt injection.
  - Ingestion points: Team knowledge is loaded via output from an external tool.
  - Boundary markers: Absent; instructions direct the agent to print output directly without reformatting.
  - Capability inventory: The skill can execute shell commands and suggest file modifications.
  - Sanitization: Absent; data is treated as a bulk dump.
Recommendations
- AI detected serious security threats
Audit Metadata