Back to skill

Security audit

Memory Hygiene

Security checks across malware telemetry and agentic risk

Overview

The skill is openly about cleaning Clawdbot memory, but it includes instructions that can permanently delete memory and schedule repeated unattended wipes.

Install only if you intentionally want guidance for fully resetting Clawdbot vector memory. Before using the wipe or cron instructions, back up or export memory, confirm the exact target path, keep a rollback plan, and avoid monthly automation unless recurring unattended memory resets are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill presents `rm -rf ~/.clawdbot/memory/lancedb/` as a simple cleanup step without an explicit warning that it irreversibly deletes all vector memory. Users may run it casually and lose important retained data, including the skill's own examples of key facts and credential locations, causing data loss and operational disruption.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Automating a recurring monthly wipe creates repeated destructive behavior without any warning, confirmation gate, backup step, or validation of what will be deleted. If enabled, it can silently erase valuable memory on a schedule and normalize unsafe deletion practices, increasing the chance of persistent data loss.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.