Back to skill

Security audit

Memory Management

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only project-memory skill with sensitive but disclosed file-management behavior that is gated on user authorization.

Install only if you want an agent to manage project memory files. Before using write, archive, purge, snapshot, or cross-project comparison workflows, confirm the exact scope and paths, and avoid storing credentials, raw personal data, or production exports in memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Low
Confidence
68% confidence
Finding
The 'Cross-Project Memory' capability expands from managing a single project's working memory into comparing data across projects, which raises confidentiality and tenant-boundary concerns. In a memory skill, cross-project retrieval can expose unrelated client or project context if authorization and project scoping are not made explicit.

Vague Triggers

Medium
Confidence
80% confidence
Finding
Broad commands like 'Run memory health check' or 'Create memory snapshot' are generic enough to be triggered unintentionally or matched in contexts the user did not mean to invoke this skill. Because the skill can inspect and mutate stored memory artifacts, ambiguous activation increases the risk of unauthorized reads, writes, or archival actions.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The examples show the skill creating and updating files directly without any warning, confirmation, or dry-run summary. In a memory-management context, silent modification is risky because it can overwrite project state, create misleading records, or persist sensitive information without the user's informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.