dream
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured multi-step workflow (1 through 6) designed to process data in memory and present a consolidation report for user review before any modifications are applied.
- [COMMAND_EXECUTION]: Executes a local Python script (
parse_mem0_config.py) to retrieve retention policies from the project's configuration. This script is part of the skill's own package and is used for platform-specific path resolution. - [SAFE]: In automated mode, the skill uses a file-based lock mechanism at
/tmp/mem0_dream_auto.lockto ensure process synchronization and prevent concurrent modifications of the memory store. - [SAFE]: Memory management operations (fetching, merging, and pruning) are scoped strictly to the current
user_idandapp_id, utilizing internal tool calls rather than external network requests. - [INDIRECT_PROMPT_INJECTION]: The skill processes external data (user memories) which represents a potential attack surface.
- Ingestion points: Memory content is retrieved via the
get_memoriestool in Step 2. - Boundary markers: The skill does not explicitly use delimiters for memory content, but instructions require the agent to analyze content heuristically (similarity/noun overlap).
- Capability inventory: The skill has the ability to delete (
delete_memory) and create (add_memory) entries based on the processed data. - Sanitization: The skill mitigates risks by requiring user confirmation of a structured diff report (Step 4) before execution, and in auto-mode, it restricts high-risk operations like contradiction resolution to manual review.
Audit Metadata