memo-bridge

Security checks across malware telemetry and agentic risk

Overview

MemoBridge has a legitimate memory-migration purpose, but it asks agents to run an unspecified local CLI that can read, export, and rewrite persistent AI memory files.

Install only if you have a trusted, reviewed MemoBridge CLI from a known source. Use explicit workspace paths, run dry-run first, inspect and redact `memo-bridge.md` before importing or pasting it into another AI tool, and back up existing memory files before any write or overwrite operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger description is very broad and includes generic phrases about moving context, preferences, or switching tools, which can cause the skill to activate in situations where the user did not intend full memory export or migration. In this skill's context, over-activation is risky because the capability involves extracting and transferring potentially sensitive memory/state across tools, increasing the chance of unintended data exposure.

Vague Triggers

Low
Confidence: 88%
Finding
The usage guidance lists many situations where the skill should be used but provides no boundaries for when it should not be used. Without negative examples or constraints, an agent may invoke the skill for loosely related requests and begin handling memory data unnecessarily, which is dangerous given that the skill is designed to copy assistant memory and project context.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill encourages exporting, backing up, and sharing AI memory with other tools or teammates, but it does not prominently warn that such memory may contain secrets, personal data, credentials, internal project details, or sensitive historical context. Even with claimed sanitization features, users may overtrust the process and unintentionally copy high-value data into less trusted tools, chats, or shared files.

VirusTotal

67/67 vendors flagged this skill as clean.