Back to skill

Security audit

OpenClaw Memory Canonical

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local file-based memory skill that persists workspace memory files and helper scripts, with no evidence of hidden network access, credential theft, or destructive behavior.

Install this only if you want an agent to maintain durable local workspace memory. Review the bundled scripts before syncing them into memory/scripts, back up any local custom scripts first, and avoid invoking the skill for purely theoretical memory conversations if you do not want workspace files changed. VirusTotal was pending, and no artifact-backed malicious or suspicious behavior was found.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The activation criteria are so broad that the skill can trigger on many ordinary conversations about memory, AI behavior, or improvement, causing an agent to adopt complex file-write and shell-command workflows in contexts where they were not requested. In an agent ecosystem, over-broad auto-activation increases the chance of unintended filesystem modification, execution of bundled scripts, and context hijacking through persistent memory operations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.