ClawHub

Viking Memory

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local long-term memory skill, but it can persist conversation-derived information without clear consent, retention, or deletion controls.

Install only if you want an agent to use a local OpenViking long-term memory store. Configure the agent to ask before saving memories, avoid storing secrets or sensitive personal data, and confirm you have a way to inspect and delete saved memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly says important information may be automatically saved, but it provides no notice, consent flow, or criteria for what qualifies as important information. In a long-term memory system, this can lead to silent retention of sensitive personal data, secrets, or regulated information without user awareness or control.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill persists arbitrary user-provided content into long-term memory without any user-facing notice, consent flow, retention policy, or sensitivity checks. In a memory skill, this increases privacy risk because users may unknowingly store secrets, personal data, or regulated information for later retrieval or exposure.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
All queries and memory contents are sent over HTTP to a network service without explicit disclosure, and the URL uses plaintext HTTP rather than HTTPS. Even though it targets localhost, undisclosed network transmission of sensitive memory data can violate user expectations and may be exposed through local interception, proxying, logs, or container/network boundary assumptions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal