mem0-mcp

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a structured memory management protocol using official Mem0 MCP tools (add_memory, search_memories, get_memories). It focuses on organizing context through metadata filters and logical operators.
  • [COMMAND_EXECUTION]: References internal utility scripts (scripts/setup_coding_categories.py, on_pre_compact.py, capture_compact_summary.py) which appear to be part of the vendor's standard automation or platform hooks. These are used for administrative tasks like setting up categories or compacting memory and do not represent arbitrary command execution.
  • [DATA_EXFILTRATION]: The skill handles user_id and memory content. All data operations are performed through the authenticated MCP framework provided by the platform. There are no attempts to exfiltrate data to unauthorized third-party domains or access sensitive system files like SSH keys or environment variables.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface through search_memories and get_memories, which retrieve previously stored data. This is a surface for indirect injection if the stored content contains instructions; the risk is mitigated by the instructions for deliberate searching and by the inherent nature of memory-augmented agents.
  • Ingestion points: SKILL.md (search_memories, get_memories tools)
  • Boundary markers: The instructions recommend using infer=False for structured data to ensure verbatim storage and explicit phrasing for searches.
  • Capability inventory: Subprocess calls are limited to the referenced vendor scripts; memory operations are restricted to the Mem0 API via MCP.
  • Sanitization: Not explicitly mentioned, as the skill relies on the platform's handling of tool outputs.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 12:15 AM