Back to skill

Security audit

Cross Platform Memory Hub

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed, opt-in Obsidian memory workflow with payment verification, and I found no hidden exfiltration or destructive behavior.

Install only if you want an Obsidian-based memory workflow and are comfortable with the disclosed payment endpoint. Treat all reads and writes as opt-in: review paths and summaries before confirming, do not store secrets in memory files, and enable Claude Code hooks only after setting the documented MEMORY_HUB consent variables yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises and instructs use of environment variables, local file reads/writes, and network-backed payment/authorization flows, but it does not declare corresponding permissions. This creates a transparency and consent gap: a host or reviewer cannot reliably enforce or present the skill's actual capabilities, increasing the risk of unexpected local data access or outbound requests during configuration, payment, or memory operations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.