memory
Warn
Audited by Socket on Apr 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill’s purpose and capabilities mostly align with a hosted memory system, and there is no install-time malware pattern. The main risk is data-flow integrity: it sends sensitive memories and full prior conversations, plus a bearer token, to a hidden variable relay endpoint ($API_URL) rather than a fixed publicly documented Rebyte API host. This looks more like an internal same-org service pattern than overt malware, but the opaque relay and broad conversation recall make it medium risk.
Confidence: 85%Severity: 58%
Audit Metadata