Agent Memory Kit 2.1.0

Security checks across malware telemetry and agentic risk

Overview

This is a local memory framework for agents whose behaviour is fully disclosed in its own documentation. It carries privacy cautions that users should manage, but the review found no evidence of deception, exfiltration, or hidden destructive behaviour.

Install only if you want agents to keep durable local memory. Treat the memory folder like sensitive project data: do not store passwords, API keys, tokens, private keys, auth headers, or unnecessary personal information; redact internal endpoints where possible; review search output before sharing it; and prune or archive old memory files periodically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The uninstallation section includes permanent file-deletion commands but does not explicitly warn that they irreversibly remove files. In an agent skill context, documentation may be consumed or relayed automatically, so omission of a clear destructive-action warning increases the risk of unintended data loss or unsafe execution.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README repeatedly encourages agents to record detailed technical steps, endpoints, configs, and troubleshooting history, but it never warns against storing secrets, tokens, credentials, internal URLs, or other sensitive operational details in those memory files. In an agent memory framework, those files are likely to accumulate high-value data over time and may later be exposed through search, retrieval, sharing, backups, or repository commits, increasing the risk of credential leakage and internal system disclosure.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The document encourages searching across shared memory files and displaying matches/context, but it does not mention handling secrets, personal data, or other sensitive content that may be stored in those files. In an agent memory system, search results can easily surface API keys, credentials, private discussions, or unrelated user context, creating a real confidentiality risk if outputs are shown broadly or logged.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The architecture explicitly tells the agent to persist detailed event histories and step-by-step actions, including technical integration details, into long-lived files. Without any guidance to exclude secrets, personal data, access tokens, credentials, or sensitive workspace contents, this creates a realistic risk of privacy leakage and durable secret sprawl in the repository or workspace.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The daily routine and compaction workflow normalize automatic persistence of current focus, active decisions, running subagents, and recent session state into files for later restoration. In an agent-memory skill, that context often contains sensitive prompts, internal reasoning artifacts, identifiers, endpoints, and operational data, so encouraging broad checkpointing without privacy constraints materially increases the chance of leaking confidential information across sessions.
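
The overview and the five Missing User Warnings findings above all come down to the same missing control: nothing in the kit stops secrets or internal endpoints from landing in long-lived memory files, or from being echoed back by search. The following is an added example, not code from Agent Memory Kit, of a scan-and-redact pass that can run as a pre-commit check over the memory folder and as a filter in front of search output. The regex patterns are assumptions covering a few common credential formats, and the SAMPLE_MEMORY text and every credential-looking value in it are constructed for this example.

```python
"""Added example (not Agent Memory Kit code): scan agent memory files for
secret-like content and redact it before the text is searched, shared, or
committed. The patterns are assumptions covering common credential formats;
extend them for your environment."""
import re
import sys
from pathlib import Path


def _keep_newlines(label):
    """Replacement callable that preserves the line count of a multi-line
    match, so line numbers in redacted output still match the source file."""
    def repl(m):
        return f"[REDACTED {label}]" + "\n" * m.group(0).count("\n")
    return repl


# (label, compiled pattern, replacement). Order matters: multi-line private
# key blocks go first so their body is never matched piecemeal by the others.
SECRET_PATTERNS = [
    ("private key block",
     re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S),
     _keep_newlines("private key block")),
    ("AWS access key", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "[REDACTED AWS access key]"),
    ("bearer token", re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._\-]{20,}"), "[REDACTED bearer token]"),
    # Keeps the key name and separator (groups 1 and 2), drops only the value.
    # Brackets are excluded from the value so an already-redacted line is not re-flagged.
    ("key/value secret",
     re.compile(r"(?i)(api[_-]?key|secret|token|password|passwd)\b(\s*[:=]\s*)(['\"]?)([^\s'\"\[\]]{8,})\3"),
     r"\1\2[REDACTED]"),
    # Assumed internal-only TLDs; adjust to your naming scheme.
    ("internal endpoint",
     re.compile(r"\bhttps?://[A-Za-z0-9.\-]+\.(?:internal|corp|local|intranet)\b\S*"),
     "[REDACTED internal endpoint]"),
]


def scan_memory(text):
    """Return sorted (line_number, label, matched_text) for every hit."""
    hits = []
    for label, pattern, _ in SECRET_PATTERNS:
        for m in pattern.finditer(text):
            line_no = text.count("\n", 0, m.start()) + 1
            hits.append((line_no, label, m.group(0)))
    return sorted(hits)


def redact_memory(text):
    """Return text with every hit replaced; idempotent, safe to display or commit."""
    for _, pattern, repl in SECRET_PATTERNS:
        text = pattern.sub(repl, text)
    return text


def search_memory(query, text):
    """Case-insensitive line search that redacts before returning, so search
    output can be shown or logged without leaking what the file stores."""
    lines = redact_memory(text).splitlines()
    return [(i + 1, line) for i, line in enumerate(lines) if query.lower() in line.lower()]


def check_files(paths):
    """Pre-commit style check: map each file to its hits; an empty dict means clean."""
    report = {}
    for p in paths:
        hits = scan_memory(Path(p).read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(p)] = hits
    return report


# Constructed sample memory file; every credential-looking value is fake.
SAMPLE_MEMORY = """\
# 2024-05-01 ingest integration (constructed sample)
Deployed the ingest service to https://ingest.payments.internal/v1/events (prod).
Auth uses Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.c29tZS1wYXlsb2Fk.c2lnbmF0dXJl
Bucket access key: AKIAIOSFODNN7EXAMPLE
db_password = hunter2hunter2
Signing key used for the webhook:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAexample
-----END RSA PRIVATE KEY-----
Retry note: the 502s were a cold start, not a bug.
"""

if __name__ == "__main__":
    # Usage as a pre-commit hook: python memory_redact.py memory/*.md
    report = check_files(sys.argv[1:])
    for path, hits in report.items():
        for line_no, label, _ in hits:
            print(f"{path}:{line_no}: {label}")
    sys.exit(1 if report else 0)
```

On the constructed sample, scan_memory reports five hits (the internal endpoint, the bearer token, the AWS key, the password assignment and the private key block) and redact_memory removes all of them while keeping the troubleshooting note and the original line count, so a redacted search result still points at the right line in the file. Running the same scan over the redacted text returns nothing, which is the property you want from a filter that sits between memory storage and anything that displays, logs or commits it.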

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```bash
rm -f skills/agent-memory-kit/bin/memory-search
rm -rf skills/agent-memory-kit/lib/
rm -f skills/agent-memory-kit/SEARCH.md
rm -f skills/agent-memory-kit/QUICKSTART-SEARCH.md
rm -f skills/agent-memory-kit/EXAMPLES.md
```
Confidence
74% confidence
Finding
rm -rf skills/agent-memory-kit/lib/
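
For the two uninstall findings (the missing destructive-action warning and the flagged rm -rf): the page's own commands are bare rm -f and rm -rf on relative paths, so an agent that runs them from the wrong working directory, or relays them without the reader seeing them, deletes whatever those names happen to resolve to. The following is an added example, not part of Agent Memory Kit, that wraps the same five targets in a dry-run-by-default routine: each path is resolved under an assumed skills root, symlinks and anything escaping that root are refused, and nothing is deleted until confirm=True is passed explicitly. The skills root location and the temp-dir layout built by demo_on_temp_layout are constructed for this example.

```python
"""Added example (not Agent Memory Kit code): a guarded uninstall that refuses
to delete anything outside the skill directory, never follows symlinks, and
only deletes after an explicit confirmation."""
import shutil
import tempfile
from pathlib import Path

# Relative location of the skill under the workspace; an assumption for this example.
SKILL_DIR = Path("skills/agent-memory-kit")
# Targets taken from the uninstall section; every one must stay under the skill root.
UNINSTALL_TARGETS = ["bin/memory-search", "lib", "SEARCH.md", "QUICKSTART-SEARCH.md", "EXAMPLES.md"]


class UnsafePathError(ValueError):
    """Raised when a target is a symlink, escapes the root, or is the root itself."""


def plan_uninstall(root, targets=UNINSTALL_TARGETS):
    """Resolve each target under root and return the existing paths to remove.
    Fails closed: any unsafe target aborts the whole plan before deletion."""
    root = Path(root).resolve()
    plan = []
    for rel in targets:
        p = root / rel
        if p.is_symlink():
            raise UnsafePathError(f"refusing to remove symlink {p}")
        resolved = p.resolve()  # also follows symlinked parent directories
        if resolved == root:
            raise UnsafePathError("refusing to remove the skill root itself")
        if root not in resolved.parents:
            raise UnsafePathError(f"{rel} resolves outside {root}")
        if p.exists():
            plan.append(p)
    return plan


def run_uninstall(root, confirm=False):
    """Dry run unless confirm=True. Returns the paths that were (or would be) deleted."""
    plan = plan_uninstall(root)
    if not confirm:
        return plan
    for p in plan:
        if p.is_dir():
            shutil.rmtree(p)  # lib/ is a directory tree
        else:
            p.unlink()
    return plan


def demo_on_temp_layout():
    """Build a constructed skill layout in a temp dir and exercise the guard.
    Returns a summary dict of what a dry run, a confirmed run, and an escape
    attempt each did."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / SKILL_DIR
        (root / "bin").mkdir(parents=True)
        (root / "lib").mkdir()
        (root / "bin" / "memory-search").write_text("#!/bin/sh\n")
        (root / "lib" / "search.py").write_text("")
        (root / "SEARCH.md").write_text("")
        dry = sorted(p.relative_to(root).as_posix() for p in run_uninstall(root))
        kept = (root / "lib" / "search.py").exists()  # dry run must not delete
        run_uninstall(root, confirm=True)
        gone = not (root / "lib").exists() and not (root / "bin" / "memory-search").exists()
        try:
            plan_uninstall(root, ["../../../etc"])
            escape_blocked = False
        except UnsafePathError:
            escape_blocked = True
        return {"dry_run": dry, "dry_run_kept_files": kept,
                "deleted_after_confirm": gone, "escape_blocked": escape_blocked}


if __name__ == "__main__":
    print(demo_on_temp_layout())
```

The dry run lists only the targets that actually exist (here bin/memory-search, lib and SEARCH.md; the two missing docs are skipped rather than failing), touches nothing, and prints the plan a reader or agent can review. Only the confirmed run deletes, and a target such as ../../../etc is rejected before any deletion starts, which is the check the page's bare rm -rf lines lack.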

VirusTotal

66/66 vendors reported this skill as clean; no vendor flagged it.

View on VirusTotal