Back to skill

Security audit

Wb Lobster Memory

Security checks across malware telemetry and agentic risk

Overview

This is a coherent long-term memory bridge, but it asks the agent to automatically store personal, emotional, relationship, project, and feedback data with limited consent and deletion controls.

Install only if you intentionally want a WorkBuddy agent to keep a persistent graph memory about you and your work. Before using it, verify the external lobster-memory repository and install script, set the storage directory deliberately, and establish a rule that memories are written only after explicit confirmation, with a way to inspect and delete stored entries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

High
Confidence
96% confidence
Finding
The skill description explicitly says it triggers not only on user commands like '记住这个' but also whenever dialogue contains content 'worth long-term retention'. That is an overbroad, subjective trigger that can cause the agent to persist data without a clear, specific user action or informed consent, especially for sensitive preferences, relationships, and feedback.

Vague Triggers

Medium
Confidence
88% confidence
Finding
Several trigger phrases are broad enough to appear in normal conversation, especially '回忆一下' and '长期记忆', which may be invoked incidentally rather than as deliberate consent to operate a persistence feature. This increases the chance of accidental memory operations or retrievals based on ambiguous user phrasing.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explains its architecture and storage paths but does not clearly warn users that it stores long-term preference, relationship, emotional valence, and feedback data in persistent graph memory. Because the retained data is personal and behaviorally revealing, the lack of a prominent disclosure undermines informed consent and increases privacy risk.

Ssd 3

Medium
Confidence
94% confidence
Finding
The instructions tell the agent to extract and persist conversation content whenever it judges the content to be meaningful, including preferences, project context, relationships, and emotions. This creates a direct retention risk because free-form user dialogue may contain sensitive information that is stored indefinitely or reused later outside the user's expectations.

Ssd 3

Medium
Confidence
95% confidence
Finding
The schema specifically encourages structured retention of criticism, praise, emotions, and relationship information, including valence scoring. That kind of profiling data can reveal sensitive personal traits and interaction history, and if leaked or misused it could enable invasive profiling, manipulation, or reputational harm.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.