Context Memory Recovery

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed file-based memory skill that can write workspace recovery notes, with no executable code or hidden behavior found.

Install this only if you want agents to maintain recovery files in the workspace. Review the generated memory files periodically, avoid using it in shared or untrusted repositories without consent, and do not store passwords, tokens, private keys, or sensitive personal data in these files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger list accepts broad natural-language phrases like 'remember this' and 'we may need this later' as write commands, which can cause unintended activation during ordinary conversation. In a file-writing skill, accidental triggering can persist incorrect, sensitive, or partial context to workspace memory files, creating integrity and privacy risks across future sessions.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill directs the agent to create and update persistent workspace files as part of normal operation, but it does not require a clear user-facing notice that files will be modified. This can lead to silent persistence of data, surprising side effects in repositories or shared workspaces, and inadvertent storage of sensitive operational details.

VirusTotal

65/65 vendors flagged this skill as clean.
