Claude Memory

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local memory-management skill, with real privacy considerations but no evidence of hidden, destructive, or exfiltrating behavior.

Install this only in a private workspace where persistent agent memory is desired. Review memory files regularly, avoid saving secrets or sensitive third-party data, remove anything you do not want retained, and make sure MEMORY.md is not loaded in shared or group-chat contexts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding: The skill instructs the agent to run an initialization script and repeatedly write to files such as MEMORY.md, memory/feedback.md, daily notes, and topic files, but no explicit permission model is declared. That mismatch matters because the skill clearly has file-write behavior and could alter workspace state or persist sensitive data without a clear trust boundary or user consent model.

Missing User Warnings

Medium
Confidence: 97%
Finding: The skill explicitly recommends storing long-term personal information such as IDs, timezone, family, relationships, and privacy rules in persistent memory files, but it provides no consent flow, warning, minimization guidance, or retention controls. This creates a real privacy risk because sensitive user data may be silently retained across sessions and exposed to future prompts, tools, or other agents with file access.

Missing User Warnings

Medium
Confidence: 92%
Finding: The rules explicitly instruct the agent to persist user corrections, confirmations, and interaction history to local memory files without requiring user consent, notice, data minimization, or sensitivity checks. In a memory-management skill, this increases the likelihood of storing personal or sensitive data long-term, creating privacy and retention risk if the workspace is shared, synced, or later exposed.

VirusTotal

65/65 vendors flagged this skill as clean.