Slim Project Memory

Security checks across malware telemetry and agentic risk

Overview

This skill reorganizes project memory and documentation. Its handling of sensitive data is disclosed and mostly limited to env-var references rather than real secrets.

Install only if you want an agent to reorganize project documentation and Claude memory files in the target repository. Review the proposed migration map before edits, verify CLAUDE.local.md is gitignored, and do not put real passwords, tokens, database URLs, or API keys into markdown files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
This is a true issue because the case study includes a concrete execution step to create `CLAUDE.local.md` containing live DB URLs, FalkorDB credentials, and a GitHub PAT. Although the document warns at the top that this is the deprecated approach, preserving the old workflow in procedural form can still cause readers or downstream agents to replicate insecure secret-handling practices and normalize plaintext credential storage in markdown files.

VirusTotal

63/63 vendors flagged this skill as clean.
