We checked this and rejected itprivacy

mem0-personal-memory: why it is not safe to use

mem0-personal-memory is well-built, but in its default cloud mode your memory text is sent to mem0 and OpenAI, which is why we flag it on privacy.

What we found

The code is clean. Our scan found no prompt injection, no hidden directives, no shell or OS command execution, no obfuscated payloads, and no hardcoded secrets. API keys are read from environment variables (`MEM0_API_KEY`, `OPENAI_API_KEY`, `SUPABASE_KEY`), and the skill does not scan for or harvest other credentials. It communicates over JSON-RPC stdio and stays scoped to its memory store, with no privilege escalation.

Our two flags are about where your data goes. In the default cloud mode, memory content is sent to mem0's servers and to OpenAI to generate embeddings. The skill also makes outbound calls to mem0 Cloud, OpenAI, and optionally Supabase. These are the documented service endpoints, not arbitrary URLs, but the content still leaves your machine.

What to do instead

If you want the memory features without sharing content with third-party clouds, use the local or self-hosted mode the project supports, which keeps data off those services. If you stay on cloud mode, treat it like any hosted service: avoid storing secrets or sensitive personal details, and review mem0's and OpenAI's data policies before you enable it.

Want the same outcome, safely? Use our checked skill instead.

Source: https://github.com/pinkpixel-dev/mem0-mcp

We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.

Copied to clipboard. Go back to ChatGPT or Claude and paste it to teach the skill.