AVM Memory

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate shared-memory skill, but it needs review because it allows messages from one agent to be injected into another agent's normal reads.

Install only if you intentionally want a persistent shared memory layer for trusted agents. Verify the external AVM implementation before running it, avoid enabling script/plugin/HTTP handlers unless you trust their configuration, keep sensitive data out of shared namespaces, and treat urgent cross-agent messages as untrusted input.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

High
Confidence: 97%
Finding
The README documents a mechanism for cross-agent messages, including urgent messages that affect another agent's next read, without strong integrity and privacy warnings. In a multi-agent environment this can become an untrusted content injection path, enabling one agent or user to influence another agent's behavior, corrupt outputs, or exfiltrate sensitive context through induced actions.

Ssd 1

High
Confidence: 99%
Finding
Injecting urgent cross-agent messages into the recipient's next file read creates a semantic prompt-injection channel across trust boundaries. An attacker controlling or compromising one agent can plant instructions or misleading context into another agent's workflow, causing unauthorized actions, data leakage, or corruption of downstream decisions, especially because the feature is embedded into normal read paths.

VirusTotal

66/66 vendors flagged this skill as clean.
