Back to skill

Security audit

Unified Memory V5

Security checks across malware telemetry and agentic risk

Overview

This memory skill is broadly purpose-aligned, but it asks for persistent automatic memory capture and exposes several high-impact install and runtime paths that need human review.

Install only after reviewing the source that will actually run, especially install.sh/src/index.js from the repository. Expect this skill to persist and reuse conversation-derived information automatically, and avoid enabling cloud sync, external plugins, or 0.0.0.0 HTTP servers unless you have reviewed the configuration, credentials, retention, deletion, and disable controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal (+1 more)

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
merged-src.js:16446

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
merged-src.js:19

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
merged-docs.md:6106

Sensitive-looking file read is paired with a network send.

Warn
Code
suspicious.potential_exfiltration
Location
merged-src.js:89862