Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- merged-src.js:16446
Security audit
Security checks across malware telemetry and agentic risk
This memory skill is broadly purpose-aligned, but it asks for persistent automatic memory capture and exposes several high-impact install and runtime paths that need human review.
Install only after reviewing the source that will actually run, especially install.sh/src/index.js from the repository. Expect this skill to persist and reuse conversation-derived information automatically, and avoid enabling cloud sync, external plugins, or 0.0.0.0 HTTP servers unless you have reviewed the configuration, credentials, retention, deletion, and disable controls.
67/67 vendors flagged this skill as clean.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal (+1 more)