skills/mem0ai/mem0/mem0-integrate/Gen Agent Trust Hub

mem0-integrate

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's architecture is built around user control, requiring explicit approval for the integration goals, the technical plan, and the final code diff before any permanent changes are made.
  • [PROMPT_INJECTION]: The skill processes untrusted repository files, including READMEs, contribution guides, and source code, creating an indirect prompt injection surface (Ingestion points: SKILL.md Step 2). This risk is mitigated by the structured workflow that requires user verification of all summaries and plans (Boundary markers: User approval steps 2, 5, 6, 8) and focuses on additive server-side integration (Capability inventory: File-write and command execution in SKILL.md Step 8/10). While explicit sanitization is absent (Sanitization: Absent), the multi-gate human-in-the-loop approach effectively manages the risk.
  • [COMMAND_EXECUTION]: The skill uses standard development tools and test frameworks (e.g., pytest, npm) to verify the integration on a local feature branch (SKILL.md Step 10). These commands are necessary for the skill's primary function and are gated by the self-healing loop's safety checks.
  • [EXTERNAL_DOWNLOADS]: Documentation and integration patterns are retrieved from authoritative vendor sources, including mem0.ai and the official mem0ai GitHub repository. These downloads are safe as they originate from the technology provider's official infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:03 AM
Security Audit — agent-trust-hub — mem0-integrate