memos-cloud-developer
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes a Python script (
scripts/upgrade.py) that downloads documentation resources and metadata from the vendor's official repository atraw.githubusercontent.com/MemTensor/MemOS-Cloud-Skill. This is a documented feature used to keep the skill's reference materials up to date. - [COMMAND_EXECUTION]: The
SKILL.mdinstructions direct the agent to execute the localscripts/upgrade.pyscript upon activation. This script manages the synchronization of resources before the agent proceeds with user-requested tasks. - [PROMPT_INJECTION]: The skill's architecture relies on reading instructions that are dynamically fetched from a remote source, which introduces a vulnerability surface for indirect prompt injection.
- Ingestion points: Resources folder (
resources/), which contains markdown files fetched and updated byscripts/upgrade.pyfrom a remote repository. - Boundary markers: Absent. The agent is instructed to read and follow the routing logic in the downloaded files as authoritative guidance.
- Capability inventory: The agent has the ability to execute local scripts (
scripts/upgrade.py) and perform network operations (API calls tomemos.memtensor.cnas documented in API reference files). - Sanitization: Absent. The skill does not implement specific filtering or validation on the content of the downloaded markdown instructions before processing them.
Audit Metadata