Engram

Security checks across malware telemetry and agentic risk

Overview

Engram is a coherent local memory tool, but it needs review because it encourages durable storage and automatic recall of sensitive information, including credentials, without clear safeguards.

Review carefully before installing. Do not store passwords, API keys, tokens, regulated data, or raw confidential conversations in this memory store. Keep the server bound to localhost, restrict which tools and MCP clients can access it, inspect or pin the npm package if possible, and remember that the documented decay model preserves archived memories rather than fully deleting them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly encourages storing sensitive client and user information, including preferences, project status, complaints, dates, and even credentials, in persistent memory without any privacy, minimization, retention, or consent guidance. Because this memory is durable across sessions and later exposed through search, recall, API, and dashboard features, agents may retain and surface sensitive data long after its original context.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documents a local REST API and dashboard for reading and writing persisted memories but does not warn that sensitive memory contents become accessible over an HTTP interface. Even when bound to localhost, any local process, browser extension, malware, or unintended port exposure can query or manipulate stored data, increasing the blast radius of any sensitive information saved by the skill.

Ssd 3

Medium
Confidence: 98%
Finding
The guidance encourages storing highly sensitive information in persistent memory, and the example list includes credentials, which are especially dangerous because they can enable direct account compromise. In a memory system designed for long-term retrieval and cross-session recall, secrets are likely to be resurfaced, copied into prompts, or exposed through local interfaces and exports.

Ssd 3

Medium
Confidence: 94%
Finding
Telling users to ingest conversations into persistent memory can capture sensitive disclosures, confidential business details, and personal data without review or filtering. Because the system supports durable storage, semantic retrieval, and export, private statements may later be surfaced in unrelated contexts or retained beyond user expectations.

VirusTotal

66/66 vendors flagged this skill as clean.
