Soul Dreaming

This skill appears to implement a coherent memory-management system, but be careful before enabling it. Key concerns: - It explicitly encourages saving 'security-relevant findings' and 'credential locations' to workspace memory files; consider that these files could contain secrets or PII and may be read by other skills or processes. If you install it, review and control what the agent is allowed to persist. - The SKILL.md demonstrates use of external tools (qmd, proxychains4) but the skill doesn't declare them; either ensure those tools are available and secure or disallow commands that call them. - The skill will perform file operations (create, promote, archive, delete) inside workspace/memory. Confirm that the workspace path is isolated and that you have backups of any important data before allowing the agent to run the REM/Deep Sleep cycles. Practical precautions: - Restrict the skill's writable directory to a sandboxed workspace/memory path and do not allow it access to broader filesystem paths. - Add a policy or filter so the agent redacts or refuses to persist secrets (API keys, passwords, tokens). You can modify the templates to include an automatic 'REDACTED' step for any suspected secret patterns. - Audit memory files regularly and consider encrypting sensitive entries or storing only pointers (not raw secrets). - If you are uncomfortable with autonomous writes, disable autonomous invocation for this skill or require explicit user consent before any write/delete action. If you want a safer assessment, provide: (1) whether the runtime agent will run with access to other workspace folders or system folders, and (2) whether you have a policy to block writing of secrets — with that info I can give higher-confidence guidance.