Are we underestimating how dangerous agent memory can become?

Reddit r/AI_Agents News

Summary

Discusses the risks of giving AI agents memory, including trust issues, data poisoning, and operational risks, and poses key questions for builders.

Most AI agent discussions focus on tools, MCP servers, workflows, and autonomy. But I think memory is going to become one of the messiest parts of agent systems.

A stateless agent is limited. It forgets context, repeats questions, and needs constant instruction. But once you give an agent memory, it starts carrying forward assumptions, user preferences, project details, retrieved data, past actions, and sometimes sensitive context.

That creates a weird problem. Memory makes the agent more useful; it also makes the agent harder to trust.

A few questions I keep thinking about are:

* What should an agent be allowed to remember?
* Who can edit or delete that memory?
* Should memory expire automatically?
* Can poisoned or outdated memory affect future decisions?
* Should memory be different for personal use, team use, and enterprise use?
* How do you audit why an agent made a decision if part of the reason came from old memory?

For simple chatbots, bad memory is annoying, and for agents connected to tools, files, browsers, CRMs, codebases, or internal docs, bad memory can become operational risk.

I don’t think the answer is “no memory.” Agents need context to be useful. But I also don’t think “just store everything” is safe.

So how are people building agents handling this? Are you keeping memory short-lived, user-controlled, scoped by project, reviewed manually, or just letting the agent decide what matters?