Back to skill

Security audit

Openclaw Memory Ollama

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only guide for setting up local long-term memory, with the main privacy risk clearly tied to its intended purpose.

Install this only if you want OpenClaw to keep local long-term memories. Review the cognitive-brain dependency separately, use dedicated local database credentials, protect configuration files, and make sure you have a way to inspect and delete stored memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The architecture describes memory writes being triggered by a simple phrase such as “记住”, which is broad enough to appear in normal conversation, quoted text, or prompt-injected content. In a long-term memory system, this can cause unintended persistence of sensitive or low-quality data, especially because the document also indicates storage into permanent PostgreSQL-backed memory.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document shows a pipeline that extracts user content, embeds it, and stores it permanently in PostgreSQL, but it does not warn users that conversation-derived content may be retained long term. This creates privacy and consent risk because users may disclose sensitive information without realizing it will become durable memory rather than transient context.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.