SeekDB Memory

Security checks across malware telemetry and agentic risk

Overview

This cloud memory skill is purpose-aligned, but it defaults to automatic long-term cloud storage and prompt reuse of conversation facts without enough privacy, retention, or scoping controls.

Install only if you intentionally want a third-party cloud memory system to retain conversation-derived facts across sessions and devices. Review the m0 plugin and endpoint separately, use a dedicated API key, avoid secrets or regulated data, and disable or limit autoCapture/autoRecall unless you have clear controls to view, correct, and delete stored memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence: 95%
Finding
The skill explicitly advertises automatic cloud capture of conversation-derived facts and automatic recall before replies, but it does not present a clear privacy warning, consent flow, or data-transmission disclosure. This is dangerous because users may share sensitive personal, business, or credential-adjacent information without realizing it will be persistently stored remotely and later re-injected into prompts.

Missing User Warnings

High
Confidence: 97%
Finding
The documented default behavior says the plugin automatically extracts key facts after each conversation and stores them, but it does not clearly warn about persistent retention of user data. This creates a privacy and data-governance risk because users and deployers may unknowingly persist regulated, confidential, or sensitive information to a third-party memory system.

Ssd 3

Medium
Confidence: 92%
Finding
The skill promotes persistent collection and cross-session reuse of user-shared facts without defining sensitivity boundaries, exclusion rules, or safe handling for secrets and personal data. In context, this makes the memory system more dangerous because it is designed to operate broadly across conversations, increasing the chance that sensitive information will be stored and resurfaced in inappropriate contexts.

Ssd 3

Medium
Confidence: 96%
Finding
The default behavior instructs automatic extraction of key facts from every conversation and automatic injection of prior memories into prompts, which creates a broad data-minimization and prompt-exposure risk. Even without overtly malicious intent, this can cause sensitive past information to be surfaced to the model unnecessarily or in the wrong conversational context.

VirusTotal

66/66 vendors flagged this skill as clean.
