GoldHold Memory

Security checks across malware telemetry and agentic risk

Overview

GoldHold is a coherent external memory skill, but it encourages routine long-term storage of agent context without clear privacy, consent, or deletion boundaries.

Review before installing if you work with confidential, personal, regulated, or credential-bearing content. Use it only with a clear policy for what may be stored, avoid secrets and sensitive personal data, require confirmation for important memories or directives, protect and rotate the API key, and verify how stored memories can be reviewed and deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README promotes storing durable agent memory including decisions, facts, corrections, and context through a remote REST API, but it does not warn users that sensitive prompts, personal data, secrets, or regulated information may be transmitted to and retained by a third-party service. In an agent setting, this omission is security-relevant because operators may enable persistent memory without realizing that model inputs and outputs can contain credentials, internal business data, or user PII that should not be stored externally.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs agents to persist cross-session memory to an external service, but it does not provide a clear user-facing warning or consent boundary for sensitive, personal, or confidential data. In an agent setting, this can cause routine exfiltration of conversation content, secrets, or regulated data to a third-party memory provider without the user understanding that storage is happening outside the local environment.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The rules and quick-start examples normalize always searching, storing, and closing sessions with summaries, which encourages broad transmission of interaction data to the external API. Because no explicit privacy restrictions or sensitivity checks accompany these instructions, agents may upload confidential prompts, session summaries, decisions, and user data by default.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Resume session
curl -X POST https://relay.goldhold.ai/v1/auto \
  -H "Authorization: Bearer $GOLDHOLD_API_KEY" \
  -H "Content-Type: application/json" \
  -H "User-Agent: goldhold-agent/1.0" \
```
Confidence
88% confidence
Finding
```bash
curl -X POST https://relay.goldhold.ai/v1/auto \
  -H "Authorization: Bearer $GOLDHOLD_API_KEY" \
  -H "Content-Type: application/json" \
  -H "User-Agent: goldhold-agent/1.0" \
  -d '{"compact": true
```

VirusTotal

64/64 vendors flagged this skill as clean.
