Security audit

ClawBrain Memory

Security checks across malware telemetry and agentic risk

Overview

This skill openly provides long-term cross-conversation memory, but it enables broad automatic retention and reprocessing without clearly explaining limits, storage, consent, or deletion controls.

Review this before installing. Use it only if you are comfortable with conversation details being retained across sessions and automatically summarized or reorganized. Avoid sharing secrets until you know where memories are stored, who can access them, how long they remain, and how to review or delete them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill says it is installed to work automatically while also providing very broad natural-language trigger examples, which makes its activation scope unclear to users. In a cross-conversation memory skill, ambiguous invocation can cause unintended retrieval or storage of sensitive information without clear user awareness or consent.

Missing User Warnings

High

Confidence: 97% confidence
Finding: The description advertises persistent long-term memory and automatic processing but does not warn users that data may be stored across conversations and reorganized automatically over time. This creates a meaningful privacy and consent risk because users may reveal sensitive personal, professional, or historical information without understanding that it will persist beyond the current chat.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal