ClawHub

Session Memory Extractor

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about extracting old session history into memory, but it handles private logs, API keys, optional notifications, and permanent deletion with broad scope and incomplete packaged runtime files.

Review the actual runtime scripts before installing or running. Use preview first, keep notifications disabled unless the recipient is trusted, inspect and redact generated memory before deletion, and avoid running it on sessions that may contain credentials, regulated data, or confidential work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The documentation presents inconsistent safety semantics around `--preview` and `--dry-run`, while the skill performs irreversible deletion of session files. In a destructive workflow, ambiguity in operator instructions can cause the agent or user to run a command that deletes data when they believed it would only preview or extract, leading to accidental loss of session history.

Ssd 3

High
Confidence
98% confidence
Finding
The skill explicitly extracts decisions, preferences, facts, and potentially secrets from prior session logs into persistent `memory/` files, and the document itself acknowledges sessions may contain passwords, keys, and sensitive conversations. Persisting and optionally notifying extracted snippets broadens the exposure surface, can retain secrets beyond their original lifecycle, and may leak sensitive data into less protected storage or external messaging channels.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal