Back to skill

Security audit

Memory Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a local memory organizer that creates, searches, snapshots, and reorganizes files in the OpenClaw workspace, with no evidence of hidden network access or malicious behavior.

Install this if you want a local workspace memory system. Before running organize.sh, snapshot.sh, or categorize.sh, review the target files because they can move, copy, or append local memory content; avoid storing secrets in memory files and review old snapshots or legacy folders periodically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The README advertises `organize.sh` and `snapshot.sh` as operations that migrate or save memory data, but it does not warn users that these actions modify local memory files or recommend backup/confirmation steps. In an agent-skill context, operators may run documented commands automatically or with high trust, increasing the chance of unintended data movement, duplication, overwrite, or privacy exposure in local memory stores.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The invocation guidance is broad ('use when agents need... never lose context again') and lacks clear boundaries for when the skill should or should not activate. In agentic environments, ambiguous activation criteria can cause unnecessary execution of file-modifying operations, increasing the chance of unintended reorganization, snapshots, or other local state changes without explicit user intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes migration, snapshot, preservation in legacy folders, and other local-memory modifications without a prominent warning that these operations change files in the workspace. This is dangerous because users or higher-level agents may treat the skill as observational memory tooling, when it can actually copy, move, append, or restructure stored context, risking accidental data corruption, duplication, or privacy exposure through misplaced backups.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.