ClawHub

vemem — visual entity memory

Security checks across malware telemetry and agentic risk

Overview

This is a transparent visual-memory skill that handles sensitive biometric-style data, but its sensitive behavior is disclosed and aligned with its stated purpose.

Install only if you intentionally want persistent visual identity memory. Use a dedicated test VEMEM_HOME first, pin and verify the external Python package, avoid remote vision APIs for private images unless you accept that data flow, and enable the OpenClaw sidecar only if you want automatic face recognition on every image attachment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill is presented as visual identity memory, but the `remember` and `recall` capabilities allow storing and retrieving arbitrary free-form facts, events, and relationships tied to identified people. That materially expands the system from recognition into persistent profiling, increasing privacy risk, misuse potential, and the consequences of misidentification because sensitive assertions can be attached to a biometric identity record.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The `export` tool can dump the full entity record, including observations, bindings, facts, relationships, event logs, and optionally raw embeddings. In a system centered on face/object identity persistence, this broad exfiltration surface increases the blast radius of any unauthorized access and exposes especially sensitive biometric vectors that could enable secondary misuse or cross-system linkage.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The troubleshooting guidance recommends moving the entire persistent store aside and starting fresh, which effectively resets the identity memory database and can lead to loss of availability of stored identities, labels, and history if a user follows it casually. Although the command preserves the directory under a new name, the documentation frames it as a troubleshooting step without a strong warning, backup/restore procedure, or confirmation of privacy and retention implications for a system handling persistent biometric-like memory.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal