Security audit

Xiaoxing Memory System (小星记忆系统)

Security checks across malware telemetry and agentic risk

Overview

This is a file-based persistent memory skill that does what it says, with privacy considerations users should manage.

Install this only where persistent agent memory is desired. Avoid saving passwords, tokens, financial details, or sensitive personal information, and periodically inspect or delete MEMORY.md, USER.md, memory/, and any private memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger description is broad enough to activate on ordinary requests involving history, preferences, or saving information, which can cause the agent to invoke persistent memory behavior more often than users expect. In a memory skill, over-triggering increases the chance of unnecessary retention of sensitive user data and can expand the attack surface for privacy and data-governance failures.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill is explicitly designed for cross-session persistent storage of user-related information but does not provide any user-facing notice, consent flow, retention policy, or privacy constraints. Because it handles historical tasks, preferences, names, and other potentially sensitive data, this omission can lead to unauthorized retention of personal information and noncompliant handling of user data.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.