火一五记忆

Security checks across malware telemetry and agentic risk

Overview

This is a local memory skill, but it appears to save chat information persistently and into shared memory with unclear user consent and retention controls.

Review this skill before installing, especially if multiple users or chats share the same agent environment. Use it only if you are comfortable with chat-derived information being written to local memory across sessions, and prefer a version that saves only on explicit user request and provides a way to inspect and delete saved entries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The activation condition includes any 'conversation end' event, which is broad enough to persist information from ordinary chats without a clear, specific user intent to store memory. In a memory-management skill that writes both personal and shared data, this increases the chance of unintended retention of sensitive, private, or irrelevant content.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill describes per-user and shared persistent memory but does not warn users that their information may be stored across sessions and, in the shared case, exposed to other users. In this context, the lack of transparency meaningfully raises privacy and consent risks because users may reveal personal preferences, decisions, or project knowledge without realizing it will be retained.

VirusTotal

No VirusTotal findings

View on VirusTotal