Back to skill
Skillv1.0.0
VirusTotal security
Memoria Memory System · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:36 AM
- Hash
- c6d45d2ac14dec391b6b62aafccf9ae998261d078c9137688785b52e43bf2546
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: memoria-system Version: 1.0.0 The skill bundle is classified as suspicious due to the extensive use of powerful shell commands (`rm -rf`, `tar`, `cp -r`, `find -exec`) in `memory-backup.sh`, `memory-rollback.sh`, and `memory-health-check.sh`. While these operations are necessary for the stated purpose of memory management, backup, and rollback, they operate on file paths that can be overridden via command-line arguments (`--path`, `--output`). This creates a significant vulnerability where an AI agent, if subjected to prompt injection, could be instructed to pass malicious paths, potentially leading to arbitrary file deletion, overwriting, or other forms of remote code execution on the host system. There is no clear evidence of intentional malicious behavior such as data exfiltration or backdoor installation within the scripts themselves; the risk stems from the powerful capabilities and potential for misuse through argument manipulation.
- External report
- View on VirusTotal