🛡️ SafeAgentSkills

Fractal Memory

· v1.0.0

Medium Risk

Automated hierarchical memory compression system that prevents context overflow through daily→weekly→monthly→core compression. Use when you need (1) long-term memory management without manual curation, (2) token-efficient context loading with attention-optimized hierarchy, (3) preventing session bloat from accumulated history, (4) automated memory rollups via cron, or (5) migrating from flat daily files to structured memory. Activates for memory architecture questions, context overflow issues, or setting up persistent agent memory.

H:3 D:1 A:1 C:1

⚠️ Hazard Flags

EXEC FS_READ_WORKSPACE FS_WRITE_WORKSPACE FS_WRITE_USER

📋 Capabilities

Execution

  • ✅ Shell execution
  • ❌ Code execution
  • ❌ Install dependencies
  • ❌ Persistence
  • Privilege: user

Filesystem

  • ✅ Read workspace
  • ✅ Write workspace
  • ❌ Read home
  • ✅ Write home
  • ❌ Read system
  • ❌ Delete

Network

  • Egress: none
  • ❌ Ingress

Credentials

  • ❌ Environment vars
  • ❌ Credential files
  • ❌ Browser data
  • ❌ Keychain

Actions

❌ send messages❌ post public❌ purchase❌ transfer money❌ deploy❌ delete external

🔒 Containment

Level: elevated

Required:
  • SANDBOX_CONTAINER: Code execution capability
Recommended:
  • LOG_ACTIONS: Audit trail for all actions

⚡ Risks

Social engineering indicators: SOCIAL_ENG_VAGUE_DESCRIPTION low

Mitigation: Provide clear, detailed description of skill functionality

Want a deeper analysis?

This report was generated by static analysis. Get an LLM-powered deep review with behavioral reasoning and attack surface mapping.

🧠 Deep Analysis — $5.00

🚨 Incident Response

Kill switch: Stop the agent process

Containment: Review logs for unexpected actions

Recovery: Depends on skill capabilities

📄 Raw SSDS JSON click to expand 
{
  "meta": {
    "document_id": "ssds:auto:fractal-memory:1.0.0",
    "ssds_version": "0.2.0",
    "scanner_version": "0.4.0+fe6fd9123d50",
    "created_at": "2026-03-05T13:53:03.489Z",
    "created_by": {
      "agent": "safeagentskills-cli/generate-ssds"
    },
    "language": "en",
    "notes": "Auto-generated SSDS. Manual review recommended."
  },
  "skill": {
    "name": "Fractal Memory",
    "version": "1.0.0",
    "format": "agent_skill",
    "description": "Automated hierarchical memory compression system that prevents context overflow through daily→weekly→monthly→core compression. Use when you need (1) long-term memory management without manual curation, (2) token-efficient context loading with attention-optimized hierarchy, (3) preventing session bloat from accumulated history, (4) automated memory rollups via cron, or (5) migrating from flat daily files to structured memory. Activates for memory architecture questions, context overflow issues, or setting up persistent agent memory.",
    "publisher": "unknown",
    "source": {
      "channel": "local"
    },
    "artifact": {
      "sha256": "73f906eedba2afacdba703ba53224aeef1a38131ea43885695322f0788fd2823",
      "hash_method": "files_sorted"
    }
  },
  "capabilities": {
    "execution": {
      "can_exec_shell": true,
      "can_exec_code": false,
      "privilege_level": "user",
      "can_install_deps": false,
      "can_persist": false
    },
    "filesystem": {
      "reads_workspace": true,
      "reads_user_home": false,
      "reads_system": false,
      "writes_workspace": true,
      "writes_user_home": true,
      "writes_system": false,
      "can_delete": false
    },
    "network": {
      "egress": "none",
      "ingress": false
    },
    "credentials": {
      "reads_env_vars": false,
      "reads_credential_files": false,
      "reads_browser_data": false,
      "reads_keychain": false
    },
    "services": [],
    "actions": {
      "can_send_messages": false,
      "can_post_public": false,
      "can_purchase": false,
      "can_transfer_money": false,
      "can_deploy": false,
      "can_delete_external": false
    },
    "prompt_injection_surfaces": [],
    "content_types": [
      "general"
    ]
  },
  "hazards": {
    "hdac": {
      "H": 3,
      "D": 1,
      "A": 1,
      "C": 1
    },
    "flags": [
      "EXEC",
      "FS_READ_WORKSPACE",
      "FS_WRITE_WORKSPACE",
      "FS_WRITE_USER"
    ],
    "custom_flags": [
      {
        "code": "SOCIAL_ENGINEERING",
        "name": "Social Engineering Risk",
        "description": "SOCIAL_ENG_VAGUE_DESCRIPTION: Skill description is too vague or missing"
      }
    ],
    "confidence": {
      "level": "medium",
      "basis": [
        "static_analysis"
      ],
      "notes": "Detected 1 security patterns (1 vendored rule hits). Review recommended."
    },
    "rationale": {
      "H": "H3: Shell/code execution or persistence detected",
      "D": "D1: Limited data access",
      "A": "A1: Local side effects only",
      "C": "C1: General content"
    }
  },
  "containment": {
    "level": "elevated",
    "required": [
      {
        "control": "SANDBOX_CONTAINER",
        "reason": "Code execution capability"
      }
    ],
    "recommended": [
      {
        "control": "LOG_ACTIONS",
        "reason": "Audit trail for all actions"
      }
    ],
    "uncontained_risk": "Risk level depends on manual review of actual capabilities."
  },
  "risks": {
    "risks": [
      {
        "risk": "Social engineering indicators: SOCIAL_ENG_VAGUE_DESCRIPTION",
        "severity": "low",
        "mitigation": "Provide clear, detailed description of skill functionality"
      }
    ],
    "limitations": [
      "Static analysis only - runtime behavior not verified"
    ]
  },
  "incident_response": {
    "kill_switch": [
      "Stop the agent process"
    ],
    "containment": [
      "Review logs for unexpected actions"
    ],
    "recovery": [
      "Depends on skill capabilities"
    ]
  },
  "evidence": [
    {
      "evidence_id": "EV:file-1",
      "type": "file_excerpt",
      "title": "scripts/append_to_daily.py",
      "file_path": "scripts/append_to_daily.py"
    },
    {
      "evidence_id": "EV:file-2",
      "type": "file_excerpt",
      "title": "scripts/ensure_daily_log.py",
      "file_path": "scripts/ensure_daily_log.py"
    },
    {
      "evidence_id": "EV:file-3",
      "type": "file_excerpt",
      "title": "scripts/rollup-daily.py",
      "file_path": "scripts/rollup-daily.py"
    },
    {
      "evidence_id": "EV:file-4",
      "type": "file_excerpt",
      "title": "scripts/rollup-monthly.py",
      "file_path": "scripts/rollup-monthly.py"
    },
    {
      "evidence_id": "EV:file-5",
      "type": "file_excerpt",
      "title": "scripts/rollup-weekly.py",
      "file_path": "scripts/rollup-weekly.py"
    },
    {
      "evidence_id": "EV:file-6",
      "type": "file_excerpt",
      "title": "scripts/verify_memory_integrity.py",
      "file_path": "scripts/verify_memory_integrity.py"
    },
    {
      "evidence_id": "EV:file-7",
      "type": "file_excerpt",
      "title": "SKILL.md",
      "file_path": "SKILL.md"
    },
    {
      "evidence_id": "EV:file-8",
      "type": "file_excerpt",
      "title": "_meta.json",
      "file_path": "_meta.json"
    },
    {
      "evidence_id": "EV:cisco-1",
      "type": "file_excerpt",
      "title": "SOCIAL_ENG_VAGUE_DESCRIPTION [LOW] SKILL.md:1: ---",
      "file_path": "SKILL.md"
    }
  ]
}