Back to skill

Security audit

Agent Memory Temp

Security checks across malware telemetry and agentic risk

Overview

The memory code itself is coherent and local-only, but the package identity and install instructions do not consistently point to the reviewed skill.

Review the package identity before installing: confirm whether you intend to install agent-memory-temp or agent-memory and verify the publisher/source. If you use it, treat the SQLite memory database as sensitive local data: avoid storing secrets or regulated personal data, set retention expectations, and periodically review, export, or delete stored memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README promotes persistent storage of facts, lessons, entities, and relationship context across sessions, including examples about bosses and coworkers, but does not warn users about privacy, consent, retention, or sensitive-data handling. In an agent-memory skill, this omission is security-relevant because operators may store personal or confidential information by default without understanding the persistence and exposure risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly promotes storing conversation-derived facts, lessons, and entity information across sessions in a local SQLite database, but it does not warn users about the privacy, sensitivity, and retention implications of that persistence. This can lead operators to unknowingly store personal, confidential, or regulated data on disk, increasing the risk of unauthorized access, unintended retention, or later misuse by the agent or other local users/processes.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
This component persistently stores potentially sensitive facts, lessons, and entity data under the user's home directory without any explicit consent flow, retention notice, or privacy controls. In an agent context, users may unknowingly cause personal, confidential, or regulated data to be retained across sessions, increasing the chance of later disclosure through local compromise, shared accounts, backups, or unintended export.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.