Memory Guardian

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent memory-maintenance tool, but it tells agents to permanently retain credentials and perform deletion or rollback workflows without adequate safeguards.

Review before installing. Use the script only as a diagnostic unless you add explicit approval and backup steps. Do not allow this skill to store raw API keys, passwords, tokens, private keys, or credentials in permanent memory; keep only non-sensitive references and use a proper secret manager. Require user approval and a diff or backup before deleting session files or restoring memory from git history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The skill instructs deletion of session files as part of normal workflow without requiring confirmation, backup, or explicit warning about irreversible data loss. In an agent context, this can lead to accidental destruction of user data, audit history, or context needed for safe operation.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding: The emergency recovery guidance uses `git checkout <hash> -- memory/`, which overwrites current files in the target path, but the skill does not warn about clobbering newer state. An agent following this literally could destroy recent user changes while attempting recovery.

Natural-Language Policy Violations

Severity: High
Confidence: 99%
Finding: The instruction to preserve 'Credentials/keys → permanent (NEVER lose these)' encourages indefinite retention of secrets in long-lived memory. This materially increases the chance of later exposure through prompt injection, accidental retrieval, repo leaks, logs, backups, or unauthorized file access.

Ssd 3

Severity: High
Confidence: 99%
Finding: Directing the agent to promote credentials and keys into permanent memory creates a durable secret-retention channel, making sensitive material easier to exfiltrate and harder to govern. In the context of a memory-management skill, this is more dangerous because the whole purpose is persistent storage and retrieval, increasing the blast radius of any future compromise.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.