Mema Vault

Security checks across malware telemetry and agentic risk

Overview

This is a local credential vault with no exfiltration signs, but it handles secrets in ways users should review carefully before installing.

Install only if you are comfortable with a simple local vault. Do not enter high-value passwords as command-line arguments in shared shells, CI, or logged terminals; protect MEMA_VAULT_MASTER_KEY; restrict access to the skill data directory; and assume service names, usernames, and metadata may be visible to anyone who can read the local database.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill markets itself as a secure credential manager, but the described behavior indicates that service names, usernames, and metadata may be stored in plaintext and enumerated via listing and partial-match lookup. Even if passwords are encrypted, this leaks sensitive account inventory and contextual metadata that can help an attacker map systems, target users, or infer secrets from labels and notes.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Accepting the secret as a positional command-line argument exposes it through shell history, process listings, audit logs, and job-control tooling on many systems. In a credential manager context, this is especially risky because the tool is explicitly intended to handle highly sensitive secrets, so leakage can defeat the benefit of encryption at rest.

VirusTotal

66/66 vendors flagged this skill as clean.
