Penfield

Security checks across malware telemetry and agentic risk

Overview

Penfield is a disclosed persistent-memory skill; its privacy implications are real but align with its stated purpose and are not hidden.

Install only if you want an agent memory service that can retain preferences, decisions, project context, checkpoints, and files across sessions and integrations. Avoid saving secrets, regulated data, confidential files, or personal details unless you understand Penfield's retention, review, access, and deletion controls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The guidance for `penfield_store` is broad enough to encourage storing information from many ordinary user interactions without a narrowly scoped consent or necessity check. In a persistent memory skill, this increases the chance of over-collection of personal, sensitive, or contextual data that may be retained across sessions and reused in ways the user does not expect.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The top-level description promotes persistent cross-session memory but does not prominently warn that user-related data may be retained over time. This can mislead users and downstream integrators about the privacy implications, reducing informed consent and making inadvertent long-term storage of personal information more likely.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal