NARRA Memory System

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only memory-organization skill that intentionally changes agent memory files, with no hidden execution, network use, or malware indicators found.

Install only if you want an agent to maintain a persistent narrative memory. Review edits to IDENTITY.md, MEMORY.md, AGENTS.md, and HEARTBEAT.md before relying on them, and avoid feeding sensitive logs or transcripts into the narrative unless you are comfortable preserving that information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Memory PoisoningPersistent Context Injection, Context Window Stuffing, Memory Manipulation
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Memory Manipulation

High

Category: Memory Poisoning
Content: - Include lessons learned and relationships formed - End with current project status table ### Step 3: Rewrite IDENTITY.md Expand from a simple name/role card to a complete identity anchor: - Core identity (name, role, creature, vibe)
Confidence: 80% confidence
Finding: Rewrite IDENTITY

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal