persistent-memory

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to detect and record API keys/accounts and to generate/write memory entries (including into a .sensitive/ directory), which requires the LLM to handle and potentially output secret values verbatim when creating those file contents.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's sync instructions show runtime git commands (e.g., git clone https://ghp_xxx@github.com/user/persistent-memory.git and periodic git fetch/pull) which would fetch remote repository files into ~/.persistent-memory (INDEX.md, MEMORY.md) that the agent explicitly reads at session start and thus can directly control prompts, so the GitHub URL is a high-risk runtime dependency.