memory-view

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses node or bun to execute a local TypeScript script (scan-memory.ts) that orchestrates the memory analysis. This script invokes additional system utilities, such as git rev-parse for project root resolution and system openers (open, start, xdg-open) to launch the generated HTML report.
  • [COMMAND_EXECUTION]: The resolveTarget function in scripts/lib/resolve.ts accepts filesystem paths as arguments. These paths are subsequently used as the working directory for execFileSync calls. While this allows for flexible project targeting, the commands run in whatever directory is supplied, so the behavior relies on the integrity of the provided path.
  • [SAFE]: The skill is designed to access and read sensitive local directories located at ~/.claude/projects/ to aggregate project memory. This behavior is consistent with its stated purpose as a memory viewer, and no network activity was detected that would suggest data exfiltration.
  • [SAFE]: The application implements a credential redaction module in scripts/lib/redact.ts. This system uses regex patterns and entropy analysis to identify and mask secrets (e.g., Anthropic, OpenAI, AWS keys) before they are embedded in the human-readable HTML report.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 27, 2026, 02:52 PM