Trust Assessment
galatea-memory received a trust score of 84/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. The findings are Regular Expression Denial of Service (ReDoS) via user input and Data Exfiltration to Third-Party Service (Notion).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Regular Expression Denial of Service (ReDoS) via user input. The `memory_manager.py` script uses user-provided input directly as a regular expression pattern in `re.search` calls within the `search_short_term_memories` and `get_key_facts` functions. A malicious user could craft a complex and inefficient regex pattern, leading to excessive CPU consumption and a Denial of Service (DoS) for the agent or system executing the skill. Remediation: Sanitize user input before using it as a regular expression pattern. Consider using a simpler substring search for user queries, or implement robust regex validation and timeout mechanisms to prevent ReDoS attacks. For example, escape special regex characters in user input using `re.escape()` if a literal string search is intended, or use a library designed to mitigate ReDoS. | LLM | memory_manager.py:409 |
| LOW | Data Exfiltration to Third-Party Service (Notion). The skill includes functionality (`_sync_to_notion`) to send 'key facts' (which can contain user-controlled content) to an external Notion database via the Notion API. While the Notion API key is securely retrieved from environment variables, sending user data to a third-party service introduces a potential data exfiltration risk if the Notion service is compromised or if sensitive user data is inadvertently or maliciously marked as a 'key fact' and synchronized without explicit user consent or awareness. Remediation: Ensure clear user notification and consent mechanisms are in place before enabling Notion synchronization. Provide options for users to disable this feature or to filter out highly sensitive information from being sent to Notion. Implement data classification to prevent specific types of sensitive data from being marked as key facts and synchronized. | LLM | memory_manager.py:520 |