Security audit

EverMemory

Security checks across malware telemetry and agentic risk

Overview

EverMemory is a clearly disclosed persistent-memory skill, and the reviewed artifact does not show hidden install behavior or purpose-mismatched actions.

Install this only if you want the agent to keep persistent memory about you and your projects. Review stored memories, profiles, and rules periodically, avoid storing secrets, and require clear confirmation before exports, imports, restores, or rule changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation condition is very broad, triggering on generic memory, preference, rules, and briefing-related topics without clear scoping or user-intent confirmation. In an agentic system, this can cause the skill to activate in conversations where persistent memory operations are unnecessary or sensitive, increasing the risk of inappropriate memory reads, writes, exports, or profile inference.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.