PARA Memory System

Security checks across malware telemetry and agentic risk

Overview

This is a real local memory skill, but it asks agents to automatically store and reread personal context across sessions without enough user controls.

Review and edit the AGENTS.md template before installing. Add explicit rules for what may be saved, what must never be saved, how to review or delete memory, and whether automatic consolidation is allowed. Remove or require explicit approval for calendar checks, broad file exploration, and external lookups unless you intentionally want those privileges.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (4)

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill explicitly tells the agent to write and retain user information, preferences, and learned facts across sessions, but it provides no notice, consent, minimization, or retention controls. This creates a clear privacy and data-governance risk because sensitive personal or business information may be stored durably without the user's awareness or authorization.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The template instructs the agent to automatically read personal context files, including tacit knowledge about the human, at session start and says not to ask permission. That creates privacy and consent risk because sensitive personal information is normalized as always-readable persistent state without an explicit notice, minimization rule, or user opt-in boundary.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The guidance encourages persisting user information, preferences, mistakes, and lessons learned into durable files so future sessions can reuse them. Without retention limits, sensitivity filtering, or a user-facing warning, this can lead to over-collection of personal data and creation of long-lived dossiers that users may not expect.

Ssd 3

Medium

Confidence: 97% confidence
Finding: The instructions normalize continuous cross-session persistence and consolidation of user facts, decisions, preferences, and tacit knowledge into multiple files. In context, this increases the chance of unbounded accumulation, accidental disclosure to later sessions, and leakage of sensitive natural-language data that was shared for a single interaction rather than long-term retention.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal