ClawHub

Lethe Memory

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local persistent-memory helper; its sensitive behavior is mostly expected for that purpose, with privacy precautions users should understand.

Install this only if you want an agent to use a local Lethe memory service and persist selected work context. Keep LETHE_API unset unless you intentionally use remote storage, do not expose port 18483, and avoid logging secrets, credentials, or personal data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script silently reads a local SQLite database to discover the active session ID without notifying the user. In a memory/logging skill, this can cause data to be associated with a session the caller did not explicitly choose, creating privacy and integrity risks if multiple sessions or users share the environment.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The task update path sends data to the Lethe API over plain HTTP by default, which provides no transport security if the endpoint is remote or traffic is intercepted. Even if intended for localhost, the script gives no warning that user task metadata and session identifiers are being transmitted over the network stack.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Record/log/flag commands post arbitrary user-supplied message content to the API without any explicit disclosure or confirmation. Because this skill is specifically designed for persistent memory and logging, users may unintentionally send sensitive reasoning, secrets, or personal data into long-lived storage.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal