Security audit

Memory Setup 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a clear memory-setup guide whose privacy-sensitive behavior is expected for its purpose, but users should configure it carefully.

Install this only if you want persistent memory search. Keep secrets, credentials, regulated data, and sensitive personal details out of indexed memory files or sessions; use the local provider for sensitive work, or review Voyage/OpenAI data-handling terms before enabling remote embeddings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly encourages enabling persistent indexing of MEMORY.md, daily logs, sessions, and user preferences, but provides no privacy notice, consent guidance, retention limits, or data-classification caveats. Because the feature is designed to collect and surface sensitive personal and conversational context over time, omission of data-handling warnings materially increases the risk of over-collection, unintended retention, and exposure of private information.

Missing User Warnings

Medium
Confidence: 97%
Finding
The provider setup instructs users to configure Voyage or OpenAI API keys without warning that memory files and possibly session-derived content may be transmitted to third-party embedding services for processing. In the context of a memory feature that indexes long-term notes and transcripts, this omission can cause users to unknowingly send sensitive workspace data, preferences, or conversation history outside their environment.

VirusTotal

66/66 vendors flagged this skill as clean.