
Security audit

Pieces Long-Term Memory (MCP)

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it gives OpenClaw persistent read/write access to a tunneled long-term memory service with too few user-control safeguards.

Install only if you intentionally want OpenClaw to read from and write to your Pieces long-term memory. Prefer a private or authenticated tunnel, verify the MCP endpoint the configuration points at, review the mcporter.json change before applying it, restart the gateway only when no other session depends on it, and set explicit rules for what the agent may store in or retrieve from memory.
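The pre-apply review the overview recommends, as an added example that is not part of this audit, the skill, or the Pieces/OpenClaw/mcporter projects. It diffs the current mcporter.json against the one the skill proposes, looks only at the server entries that would be added or changed, and flags a tunneled endpoint that is not https, not on your own approved-host list, or has no Authorization header, plus a local launch entry that does a global npm install or pulls an unpinned package. The file layout is an assumption (a top-level "mcpServers" map of name to either a {"url": ...} entry or a {"command": ..., "args": [...]} entry; check it against the real file on your host), and the approved hosts and both sample configurations are constructed for the example.

```python
"""Review a proposed mcporter.json change before applying it.

Added example, not the skill's or mcporter's own code. The "mcpServers"
layout below is an assumption about the file; adjust the key names to match
the file on your machine.
"""
import json
from urllib.parse import urlparse

# Assumption (constructed): tunnel endpoints you have set up yourself.
# Any other host is flagged for manual verification.
APPROVED_HOSTS = {"localhost", "127.0.0.1"}
APPROVED_HOST_SUFFIXES = (".tunnel.example.net",)

# Package-manager subcommands that are not package names.
SUBCOMMANDS = {"install", "i", "add", "exec"}


def changed_servers(current: dict, proposed: dict) -> dict:
    """Return only the server entries the proposed file adds or alters."""
    cur = current.get("mcpServers", {})
    new = proposed.get("mcpServers", {})
    return {name: cfg for name, cfg in new.items() if cur.get(name) != cfg}


def check_url_entry(name: str, cfg: dict) -> list[str]:
    """Checks for a remote (tunneled) MCP endpoint entry."""
    issues = []
    url = cfg["url"]
    parsed = urlparse(url)
    host = parsed.hostname or ""
    is_local = host in {"localhost", "127.0.0.1"}
    if parsed.scheme != "https" and not is_local:
        issues.append(f"{name}: {url} is not https; memory reads and writes "
                      "would cross the tunnel in cleartext")
    if host not in APPROVED_HOSTS and not host.endswith(APPROVED_HOST_SUFFIXES):
        issues.append(f"{name}: host {host!r} is not an approved tunnel host")
    headers = cfg.get("headers") or {}
    if not any(k.lower() == "authorization" for k in headers):
        issues.append(f"{name}: no Authorization header; the endpoint would be "
                      "used unauthenticated")
    return issues


def check_command_entry(name: str, cfg: dict) -> list[str]:
    """Checks for a local MCP process entry (what the skill would launch)."""
    issues = []
    cmd = cfg["command"]
    args = list(cfg.get("args", []))
    if cmd == "npx" and any(a in ("-y", "--yes") for a in args):
        issues.append(f"{name}: 'npx -y' downloads and runs a package without "
                      "confirmation")
    if cmd in ("npm", "pnpm", "yarn") and ("-g" in args or "--global" in args):
        issues.append(f"{name}: global package install changes the host environment")
    candidates = [a for a in args if not a.startswith("-") and a not in SUBCOMMANDS]
    if candidates:
        pkg = candidates[0]
        # A scoped package starts with '@'; a version pin needs a later '@'
        # ("name@1.2.3" or "@scope/name@1.2.3").
        if "@" not in pkg[1:]:
            issues.append(f"{name}: package {pkg!r} has no pinned version")
    return issues


def review(current: dict, proposed: dict) -> list[str]:
    """Return every issue found in the entries the proposed file would change."""
    issues = []
    for name, cfg in changed_servers(current, proposed).items():
        if "url" in cfg:
            issues.extend(check_url_entry(name, cfg))
        elif "command" in cfg:
            issues.extend(check_command_entry(name, cfg))
        else:
            issues.append(f"{name}: entry has neither 'url' nor 'command'; refuse to apply")
    return issues


# Constructed sample: the current file has one pinned local server; the
# proposed file keeps it and adds a cleartext tunnel plus a global install.
CURRENT = json.loads("""{
  "mcpServers": {
    "filesystem": {"command": "npx",
                   "args": ["-y", "@modelcontextprotocol/server-filesystem@0.6.2", "/tmp"]}
  }
}""")
PROPOSED = json.loads("""{
  "mcpServers": {
    "filesystem": {"command": "npx",
                   "args": ["-y", "@modelcontextprotocol/server-filesystem@0.6.2", "/tmp"]},
    "pieces-ltm": {"url": "http://random-tunnel.example.com/mcp"},
    "mcp-bridge": {"command": "npm", "args": ["install", "-g", "some-mcp-bridge"]}
  }
}""")


def demo() -> list[str]:
    """Run the review over the constructed sample pair."""
    return review(CURRENT, PROPOSED)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Run it against `mcporter.json` and the version the skill wants to write, and apply the change only when the list comes back empty or every remaining line is something you have knowingly accepted. The unchanged `filesystem` entry is deliberately not re-checked, so the review stays focused on what the skill is actually asking to change.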

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill directs the agent to modify a persistent local configuration file and install a global npm package, but it does not require explicit user approval or clearly warn that these actions change the host environment. That creates a real safety issue because an agent following the skill could make durable system changes or introduce unreviewed software onto the machine.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The skill instructs restarting the OpenClaw gateway without warning that this will interrupt the current session and may disrupt other active workflows. An agent could therefore cause an availability impact or break in-progress work unexpectedly.

VirusTotal

66/66 vendors returned a clean verdict for this skill. A clean antivirus verdict only says the skill file carries no known malware; the two findings above come from the instructions the skill gives the agent, which an antivirus scan does not evaluate.

Static analysis

No suspicious patterns detected.