Source repository: rohitg00/agentmemory
Source pull request number: 6
Source URL: intentionally omitted to avoid GitHub cross-references
Title: fix: comprehensive security and reliability audit
Author: rohitg00
State: closed
Draft: no
Merged: yes
Head: rohitg00/agentmemory:audit-fixes @ 8c66484
Base: main @ d400b05
Labels: (none)
Changed files: 0
Commits: 0
Created: 2026-02-27T06:27:58Z
Updated: 2026-02-27T06:53:57Z
Closed: 2026-02-27T06:53:53Z
Merged at: 2026-02-27T06:53:53Z
Original PR body:
Summary
Fixes all 17 findings from a comprehensive security, code quality, and reliability audit of agentmemory v0.3.0.
Critical (5)
- Auth on unprotected endpoints — Added checkAuth to api::health, api::sessions, api::observations, and mcp::tools::list
- Path traversal — Removed ~/.claude from migration ALLOWED_DIRS (exposes plugin credentials)
- Import DoS — Added payload size limits: 10K sessions, 50K memories, 10K summaries, 5K obs/session
- Index persistence bug — load() created new instances but never restored into active singletons; added restoreFrom() to SearchIndex and VectorIndex
High (5)
- Unbounded expandIds — Capped to 20 in smart-search and MCP
- BFS explosion — Capped to 500 visited nodes and 5 max hops; fetch relations once before loop (was O(N²) KV reads per BFS iteration)
- Observe validation — Added input validation for sessionId, hookType, timestamp
- Error leakage — Sanitized provider errors in compress and migrate (return generic messages)
- CSP hardening — Replaced 'unsafe-inline' with 'self' for scripts/styles
Medium/Low (7)
- O(n²) contradiction cap — Limited auto-forget to 1000 latest memories
- Secret detection — Added patterns for Anthropic (sk-ant-*), GitHub PAT (github_pat_*), Gemini (AIza*)
- Input validation — Validate files/concepts arrays in remember
- Corrupt data resilience — Wrapped deserialize() in try/catch for SearchIndex and VectorIndex
- Config NaN safety — Added fallback for parseInt NaN in config
- Dead code — Removed unused ObservationQueue class
Test plan
- npm run build — clean (130KB bundle)
- npx tsc --noEmit — zero type errors
- npx vitest run — 144/144 tests pass (14 integration skipped, requires running server)
Summary by CodeRabbit
- New Features
  - Added a liveness HTTP endpoint (/agentmemory/livez) for simple health checks.
  - Expanded import validation with strict quotas and shape checks.
- Security
  - Enforced authentication on health, sessions, observations and related endpoints.
  - Tightened content security policy.
- Bug Fixes
  - Better input validation and standardized error responses.
  - More robust configuration parsing with sensible defaults.
- Performance
  - Caps on memory processing and search expansion with a truncated indicator returned.
Local branch:
Fork PR:
Fork decision:
Verification:
Notes:
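The BFS cap from the PR body (500 visited nodes, 5 max hops, relations fetched once before the loop), combined with the truncated indicator from the CodeRabbit summary, as an added TypeScript example. It is not the project's code: boundedBfs, Relation, TraversalResult and the sample graphs are hypothetical names, and relations are assumed to be undirected.

```typescript
// Added example with hypothetical names; not agentmemory's actual code.
interface Relation { from: string; to: string }
interface TraversalResult { ids: string[]; truncated: boolean }

const MAX_VISITED = 500; // node cap stated in the PR body
const MAX_HOPS = 5;      // hop cap stated in the PR body

// `relations` is read from storage once by the caller and passed in,
// so the traversal itself performs no per-iteration KV reads.
function boundedBfs(start: string, relations: Relation[],
  maxVisited: number = MAX_VISITED, maxHops: number = MAX_HOPS): TraversalResult {
  // Null-prototype objects: an id such as "__proto__" is just another key.
  const adj: Record<string, string[]> = Object.create(null);
  for (const r of relations) {
    (adj[r.from] = adj[r.from] || []).push(r.to);
    (adj[r.to] = adj[r.to] || []).push(r.from); // assumption: undirected
  }
  const seen: Record<string, boolean> = Object.create(null);
  seen[start] = true;
  const ids: string[] = [start];
  let frontier: string[] = [start];
  let truncated = false;

  scan: for (let hop = 0; frontier.length > 0; hop++) {
    const next: string[] = [];
    for (const id of frontier) {
      for (const n of adj[id] || []) {
        if (seen[n]) continue;
        // An unvisited neighbour beyond either cap means the result is partial.
        if (hop >= maxHops || ids.length >= maxVisited) {
          truncated = true;
          break scan;
        }
        seen[n] = true;
        ids.push(n);
        next.push(n);
      }
    }
    frontier = next;
  }
  return { ids, truncated };
}

// Constructed sample graphs (not real data): a 10-node chain, a 1000-leaf star.
const chain: Relation[] = [];
for (let i = 0; i < 9; i++) chain.push({ from: `n${i}`, to: `n${i + 1}` });
const star: Relation[] = [];
for (let i = 0; i < 1000; i++) star.push({ from: "hub", to: `leaf${i}` });
```

Callers can surface `truncated` to the client so a capped result is not mistaken for a complete one.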