Stigmem

The stigmem-node skill provides a legitimate interface for persistent federated memory using the Stigmem protocol. The code in adapter.py includes explicit security measures, such as the _sanitize_fact_value function which escapes HTML/markdown characters and truncates input to mitigate prompt injection risks when external data is injected into the agent's system prompt. The documentation in SKILL.md is transparent about the risks of RAG-based workflows and provides clear guidance on least-privilege API key usage and data scoping. No indicators of malicious intent, unauthorized exfiltration, or obfuscation were found.