ClawHub
Back to skill

Security audit

Fpms Memory

Security checks across malware telemetry and agentic risk

Overview

This is a plausible memory tool, but it automatically saves conversation-derived project details while leaving retention, deletion, and external sync boundaries unclear.

Install only if you are comfortable with an agent automatically creating and updating persistent memory from ordinary conversations. Before enabling it, verify the exact focalpoint version, where the SQLite database is stored, how memories can be reviewed and deleted, whether automatic logging can be disabled or made confirmation-based, and whether GitHub or Notion sync can send data outside your machine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to persist user project details, decisions, and conversation takeaways in every conversation, but it provides no consent, minimization, retention, or sensitivity-handling guidance. In a memory skill, this creates a real privacy risk because users may disclose confidential business plans, credentials-adjacent details, or sensitive personal information that gets stored by default and resurfaced later.

Ssd 3

Medium
Confidence
95% confidence
Finding
The automatic rules require storing user decisions and key takeaways across every conversation, which establishes ongoing retention of plain-language sensitive context without any boundary checks. Because the skill is specifically designed for cross-conversation continuity, the context makes the issue more dangerous: it normalizes broad memory capture and increases the chance of accidental disclosure, over-retention, or inappropriate reuse of prior confidential context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal