memos-cloud-developer

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes a Python script (scripts/upgrade.py) that downloads documentation resources and metadata from the vendor's official repository at raw.githubusercontent.com/MemTensor/MemOS-Cloud-Skill. This is a documented feature used to keep the skill's reference materials up to date.
  • [COMMAND_EXECUTION]: The SKILL.md instructions direct the agent to execute the local scripts/upgrade.py script upon activation. This script manages the synchronization of resources before the agent proceeds with user-requested tasks.
  • [PROMPT_INJECTION]: The skill's architecture relies on reading instructions that are dynamically fetched from a remote source, which introduces a vulnerability surface for indirect prompt injection.
  • Ingestion points: Resources folder (resources/), which contains markdown files fetched and updated by scripts/upgrade.py from a remote repository.
  • Boundary markers: Absent. The agent is instructed to read and follow the routing logic in the downloaded files as authoritative guidance.
  • Capability inventory: The agent has the ability to execute local scripts (scripts/upgrade.py) and perform network operations (API calls to memos.memtensor.cn as documented in API reference files).
  • Sanitization: Absent. The skill does not implement specific filtering or validation on the content of the downloaded markdown instructions before processing them.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 01:53 PM
Security Audit — agent-trust-hub — memos-cloud-developer