火一五 Memory Evolution Skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches a local memory-management purpose, but it contains a hard-coded LLM API key, disables SSL verification, sends local logs/memory to an external service, and can propagate itself to many agent workspaces. These behaviors are disproportionate and risky.
This skill largely implements a local memory system, but it contains high-risk behavior you should not ignore.

Key concerns:
- Hard-coded remote key: The code contains a bearer API key inside dream-api.py and will send local logs/memory to https://api.minimaxi.com. That can leak private conversation data, file paths, and anything saved into MEMORY.md. Treat that as an exposed credential and a potential exfiltration channel.
- Disabled TLS verification: The script disables SSL verification for outbound requests, increasing the risk of man-in-the-middle interception of sensitive data.
- Wide propagation: batch-install.sh will copy this skill into many dynamic agent workspaces and distribute HEARTBEAT.md, increasing the scope of any leak. The skill can create/modify memory files across workspaces.

Recommendations before installing or enabling this skill:
1. Do not install on production systems or on machines containing sensitive data until audited. Run it in an isolated test environment first.
2. Inspect and remove/rotate the hard-coded API key immediately; require the operator to supply any external API credentials via environment variables or platform-managed secrets. If you see the exposed key used elsewhere, rotate it at the provider.
3. Fix TLS: remove the code that disables SSL verification so outbound requests are verified.
4. If you need remote LLM calls, require an explicit opt-in and document the remote endpoint, privacy policy, and data retention. Prefer using an operator-managed model endpoint or on-prem model rather than an embedded third-party key.
5. If you want to proceed in limited fashion, disable batch-install.sh and any automatic propagation; run only local components (auto-capture, memory files) and ensure they never call remote APIs.
6. Ask the author for provenance: where did the API key come from, who operates minimaxi.com, and why was SSL verification disabled? If you cannot obtain satisfactory answers, avoid use.
Given the hard-coded credential + disabled TLS + mass-propagation, treat this skill as suspicious and proceed only after remediation and code/audit verification.
SkillSpector
SkillSpector findings are pending for this release.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings
