Ling Mem

The ling-mem skill implements a sophisticated cross-session memory system that requires high-risk permissions and behaviors to function. Key indicators include the `install.sh` script, which downloads and executes a prebuilt binary from GitHub and installs a `UserPromptSubmit` hook (`scripts/hooks/recall.sh`) that intercepts every user prompt to inject RAG-retrieved context. While these actions are aligned with the stated purpose of 'auto-recall' and the documentation in `references/routing-rules.md` explicitly forbids storing secrets, the automated modification of agent configuration and the execution of external binaries (IOC: github.com/linggen/linggen-memory) represent a significant attack surface and persistence mechanism.