🧠 EchoFadeMemory

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed long-term memory skill that stores and recalls user/project context through a configured memory service, with privacy-sensitive behavior users should intentionally enable.

Install only if you want cross-session memory. Before enabling it, confirm EFM_BASE_URL points to a trusted service, understand whether embeddings use a local or external provider, and avoid storing secrets, credentials, sensitive screenshots, receipts, or third-party personal data unless you deliberately want them retained. Use the forget workflow for obsolete or unwanted memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger rules are extremely broad and encourage implicit activation for many ordinary continuity phrases, causing the skill to perform recall or storage without a clear, current user request. In a memory skill, over-triggering is especially risky because it can surface prior sensitive context or persist new personal data when the user did not intend durable retention.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs the agent to store screenshots, receipts, whiteboards, and OCR text in long-term memory, but it does not provide a prominent user-facing warning or consent model for retaining such artifacts. These inputs often contain secrets, financial data, personal information, or third-party data, so silent retention materially increases privacy and data-protection risk.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The templates explicitly encourage storing durable user preferences, session handoffs, personal state, and project decisions, but they provide no guidance on consent, minimization, retention limits, or handling sensitive data. In a memory skill whose purpose is proactive long-term recall, that omission can lead to over-collection and persistence of personal information beyond user expectations, creating privacy and compliance risk.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger conditions are broad, conversational, and likely to match ordinary user language, which can cause memory recall or persistence workflows to activate without clear user intent. In this skill’s context, that increases the chance of collecting, retrieving, or acting on long-term personal context when the user did not knowingly consent to memory usage, creating privacy and data-minimization risks.

Missing User Warnings

High
Confidence
98% confidence
Finding
The file explicitly instructs the agent to immediately store user information and screenshots, including potentially sensitive visual artifacts, without requiring notice, consent, or a sensitivity check. Because this skill is designed for durable long-term memory, automatic persistence can lead to unauthorized retention and transmission of personal or confidential data beyond the current session.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script forwards the user-provided target value to a remote /v1/tools/forget endpoint with no disclosure, confirmation, or local-only alternative. In a memory-management skill, this means sensitive queries, identifiers, or memory references may be transmitted off-host unexpectedly, which creates privacy and data-handling risk even if the behavior is functionally intended.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script sends the raw user-provided query to a remote /v1/tools/recall endpoint with no notice, confirmation, or visible disclosure at the point of transmission. In the context of a long-term memory skill that is intended to recall prior personal context, queries may contain sensitive personal, behavioral, or account-related information, so silent transmission increases privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script sends user-provided memory content, image paths/URLs, OCR text, tags, and related metadata to a remote service over HTTP(S) without any user-facing disclosure, confirmation, or consent check. In a memory skill whose purpose is to persist durable personal context, this creates meaningful privacy risk because sensitive personal data may be exfiltrated or stored remotely without the user's clear awareness.

Ssd 3

Medium
Confidence
93% confidence
Finding
The natural-language guidance tells the agent to persist user-provided information and images immediately, which normalizes background long-term storage as a default behavior. In this context, the danger is amplified because screenshots and recalled context may contain sensitive personal, business, or credential-adjacent information that users may expect to remain transient.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs proactive recall and storage of sensitive personal context, including location, appearance, and recent behavior, which increases the chance of collecting, retaining, and resurfacing highly sensitive user data without clear necessity, minimization, or consent boundaries. In a memory-oriented skill this is more dangerous, because the workflow normalizes persistent handling of intimate context and encourages over-triggering recall before answering.

Session Persistence

Medium
Category
Rogue Agent
Content
## Claude Code Setup

Create `.claude/settings.json`:

```json
{
```
Confidence
72% confidence
Finding
Create `.claude/settings.json`: ```json { "hooks": { "UserPromptSubmit": [ { "matcher": "", "hooks": [ { "type": "command", "command": "~

VirusTotal

66/66 vendors flagged this skill as clean.
