Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local memory tool: its persistence raises privacy considerations, but that behaviour is consistent with its stated purpose.

Before installing, decide whether you want an agent to keep local cross-session notes about conversations and preferences. Avoid saving secrets, credentials, regulated data, or sensitive business details, and review or delete the local `~/.sage/data/sage.db` memory if you no longer want it retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Session Persistence

Severity: Medium
Category: Rogue Agent
Content:
This skill enables **persistent memory storage** for AI agents. By design:

- **What is stored**: Observations you write via `sage_turn` and `sage_remember` — typically summaries
  of conversation topics, task outcomes, and user preferences. The agent decides what to store; raw
  conversation transcripts are NOT automatically captured.
- **Where data lives**: All data is stored **locally** on your machine in `~/.sage/data/sage.db` (SQLite).
Confidence: 90%
Finding (excerpt):
write via `sage_turn` and `sage_remember` — typically summaries of conversation topics, task outcomes, and user preferences. The agent decides what to store; raw conversation transcripts are NOT a

VirusTotal

66/66 vendors flagged this skill as clean.