ClawHub

OpenClaw Memory Core

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local memory utility library, but users should understand that redaction is not complete and optional custom embedders can send memory text to third parties.

Install if you are comfortable with local persistent memory files. Use the default HashEmbedder when memory must stay local, require an explicit privacy review before configuring any remote embedder, redact before storage, and do not treat DefaultRedactor as a complete data-loss prevention control because encoded or visually obfuscated secrets can bypass it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The README makes a broad safety claim of 'no hidden data exfiltration' while also documenting a supported custom embedder that transmits memory text to a third-party API. Even if the transmission is optional and user-configured, the documentation is misleading because users may infer that memory contents never leave the local environment.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The example shows memory text being sent to an external embedding service without a clear warning about privacy, retention, compliance, or secret-handling implications. In a memory plugin context, stored text may contain sensitive conversational or credential-adjacent data, so normalizing remote transmission without explicit caution increases the risk of unintentional data disclosure.

External Transmission

Medium
Category
Data Exfiltration
Content
id: "openai-text-embedding-3-small",
  dims: 1536,
  async embed(text) {
    const res = await fetch("https://api.openai.com/v1/embeddings", {
      method: "POST",
      headers: {
        Authorization: `Bearer ${process.env.OPENAI_API_KEY}`,
Confidence
84% confidence
Finding
fetch("https://api.openai.com/v1/embeddings", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
id: "openai-text-embedding-3-small",
  dims: 1536,
  async embed(text) {
    const res = await fetch("https://api.openai.com/v1/embeddings", {
      method: "POST",
      headers: {
        Authorization: `Bearer ${process.env.OPENAI_API_KEY}`,
Confidence
84% confidence
Finding
https://api.openai.com/

VirusTotal

No VirusTotal findings

View on VirusTotal