Memory Architect

Security checks across malware telemetry and agentic risk

Overview

This skill openly reorganizes an agent’s own memory files and does not show hidden access, exfiltration, or unrelated behavior.

Install only if you want the agent to restructure its long-term memory. Before running it, make a backup of MEMORY.md or ask the agent to show a migration plan/diff first, then review the generated tier files and ontology for missing, stale, or sensitive information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs creating and rewriting multiple user memory files without any explicit safeguard such as confirmation, backup, diff review, or rollback. Because these files may contain important persistent context, an automated run could overwrite, misclassify, or drop data and silently degrade future agent behavior.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: This section explicitly tells the agent to replace MEMORY.md with a short router, which is a destructive transformation of a user-maintained file. Even with instructions to preserve some directives, the process can remove nuanced context, metadata, or edge-case content that does not fit the new schema, causing irreversible loss of memory fidelity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal