nowledge-mem-docker
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands and a vendor-provided script (
nmemctl) to manage container lifecycles, view logs, and check server status. - [EXTERNAL_DOWNLOADS]: Fetches the deployment stack from the official vendor repository on GitHub (
github.com/nowledge-co/community.git). - [SAFE_PRACTICE]: Implements a strict 'Handoff' policy that prevents the agent from executing destructive commands like
./nmemctl wipeor sensitive operations like API key rotation, requiring the user to execute these manually at their own terminal. - [SAFE_PRACTICE]: Provides clear, transparent communication regarding the security implications of enabling auto-updates, specifically noting the host-root-equivalent risk associated with mounting the Docker socket.
- [DATA_EXPOSURE]: Accesses and displays an API key (
remote-access.json) to the user for configuration purposes, with explicit instructions to the agent not to persist or save this data.
Audit Metadata