Security audit

Auto Chatlog

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local chat-memory skill, but it automatically persists and reloads conversation history and includes unsafe credential-memory instructions that users should review carefully.

Install only if you intentionally want automatic persistent chat memory. Avoid sharing passwords, API keys, tokens, session cookies, or confidential personal/business details while it is active, and regularly inspect or delete MEMORY.md and memory/YYYY-MM-DD.md files. The credential-retention language should be fixed before use in sensitive environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence: 95%
Finding
The skill directs the agent to automatically read recent memory files and maintain cross-session context without a clear privacy notice, consent flow, retention policy, or data minimization boundary. Automatic collection and reuse of conversation content can expose sensitive personal or business information across sessions and to unintended contexts.

Missing User Warnings

Critical
Confidence: 99%
Finding
The skill explicitly instructs storing credential/configuration information in MEMORY.md and even suggests an exception for plaintext secrets already present there. Persisting credentials in reusable memory files creates a high-risk secret-retention mechanism that can lead to credential theft, privilege escalation, and long-term compromise if the files are read, synced, or leaked.

Ssd 3

High
Confidence: 98%
Finding
The skill tells the agent to persist user-provided credentials, preferences, and conversation details across sessions. This creates durable storage of sensitive data outside the immediate conversation, increasing the blast radius of any filesystem exposure, backup leak, or accidental reuse in future contexts; the credential-storage aspect makes this especially dangerous.

Ssd 3

Medium
Confidence: 94%
Finding
The skill broadly instructs automatic logging of key conversation content and future-session loading without clear minimization rules, purpose limitation, or separation of sensitive vs. non-sensitive material. In a memory/archive skill this context makes the issue more dangerous, because pervasive default logging encourages overcollection and unintended disclosure over time.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.