ClawHub

Emotional Memory

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it stores local emotional-memory files for an agent, with privacy-sensitive persistence that users should manage carefully.

Install only if you want durable local emotional memory across sessions. Avoid logging secrets, private user details, medical or financial information, and review or delete emotional-index.jsonl, continuity.jsonl, self-model.md, and consolidation reports periodically. Enable the cron jobs only if you want ongoing scheduled memory updates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages storing and later reloading emotional moments, patterns, and a generated self-model, but does not warn users that this may persist sensitive personal or user-derived psychological information across sessions. That omission increases the risk of privacy harm, surprise retention, and inappropriate reuse of intimate context in future interactions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script persists conversation-derived emotional summaries and metadata to a local JSONL file without any explicit notice, consent flow, retention control, or sensitivity guardrails. In the context of an 'emotional-memory' skill, the stored data is especially likely to contain intimate, identifying, or psychologically sensitive content, so silent persistence creates meaningful privacy and compliance risk even without a classic code-execution flaw.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This script derives and persists a self-model containing lessons, anxieties, strengths, high-weight memories, and continuity metrics to disk, but provides no consent prompt, minimization, retention control, or warning that highly sensitive emotional inferences will be stored. In the context of an emotional-memory skill, these outputs are especially sensitive because they aggregate raw memories into durable psychological profiles that may outlive the original context and be exposed through local compromise, backups, logs, or multi-user workspace access.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The function appends continuity analysis entries to a historical JSONL log indefinitely, creating a retained timeline of identity and behavioral inferences without explicit disclosure or lifecycle management. In this skill, historical continuity scores and interpretations such as 'fracture' or 'major drift' are sensitive longitudinal profiling data, which increases privacy risk and potential misuse if accessed by other tools, users, or attackers.

Ssd 3

Medium
Confidence
97% confidence
Finding
The AGENTS.md integration explicitly instructs the agent to persist significant moments, load self-model.md on session start, and maintain user-derived emotional and identity information over time. In this skill context, that is more dangerous because the stored content is highly sensitive and framed as identity-forming memory, creating elevated risks of profiling, over-retention, cross-session leakage, and manipulative personalization if misused.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal