Memory System Pro V2

完整记忆系统 - 四类记忆分类 + AutoDream自动整合 + MiniMax LLM驱动 + Feedback双向记录

What to consider before installing: - Privacy: AutoDream builds a prompt from your MEMORY.md, session histories and recent memory files and sends that content to an external MiniMax API endpoint. If your memory folder contains private or sensitive information, it will be transmitted to that external service when AutoDream runs. - API key handling: The code reads MINIMAX_CODING_API_KEY from environment or config (e.g., 'env:MINIMAX_CODING_API_KEY'), but the skill metadata does not declare this required env var. If you have that env var set, AutoDream can run automatically and use it — consider unsetting the variable or not configuring the key if you do not want off-host calls. - Autonomous triggers: AutoDream is hooked into HEARTBEAT (daily cron) and is checked after memory writes. If you want to avoid automatic consolidation, disable autoDream in config or avoid providing the API key. Also consider disabling the heartbeat integration. - Local embedding: The skill calls a local Ollama endpoint via curl/exec for embeddings. Ensure Ollama is running locally if you want vector search; otherwise the skill falls back to a deterministic fallback embedding (less accurate). - Code review & sandboxing: If you plan to use this skill for sensitive data, review the executeDream/buildDreamPrompt code path (it constructs the prompt and sends memory contents) and test in a sandboxed environment first. Prefer running without the MiniMax API key or configuring AutoDream.enabled=false, and only enable vector search/Ollama if you control the local service. - Fixes & checks: Ask the author or repository maintainer to (1) explicitly declare required env vars in metadata, (2) document exactly what data is sent to the MiniMax endpoint, and (3) harden shell usage in embed.ts (use execFile/spawn with arguments rather than a single command string). If you can't verify the external service or source repo, treat this skill as potentially exfiltrative and avoid enabling AutoDream.

Package: memory-system (mcp) Version: 2.0.1 Description: 完整记忆系统 - 四类记忆分类 + AutoDream LLM整合 + Feedback双向记录 The package contains several high-risk security vulnerabilities and suspicious implementation patterns. Most critically, `src/embed.ts` uses `child_process.exec` to execute a `curl` command for generating text embeddings. The command is constructed using string interpolation of user-provided text with insufficient sanitization (only double quotes are escaped, while single quotes are not), leading to a classic shell command injection vulnerability. Additionally, the `autoDream` feature in `src/autoDream.ts` automatically modifies the file system (creating and deleting files) based on responses from an external LLM (MiniMax). This logic lacks path sanitization, making it susceptible to directory traversal attacks where an attacker could manipulate the LLM to delete or overwrite sensitive system files. The decision to use `child_process.exec` for local API calls instead of the standard `fetch` API (which is used elsewhere in the same package) is a significant red flag for a security analyst.