ClawHub

OpenClaw MongoDB Semantic Memory

Security checks across malware telemetry and agentic risk

Overview

This memory skill is coherent, but users should review it because it can automatically save and re-use conversation details across sessions through an external memory service.

Install only if you intentionally want long-term agent memory. Verify the external plugin and daemon source before use, confirm whether MongoDB is local or cloud-hosted, avoid storing secrets or regulated personal data, review/delete stored memories periodically, and disable hooks if you want memory saved only by explicit user action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
86% confidence
Finding
The skill claims to provide MongoDB-backed, daemon-based memory, but `memory_get` is documented as reading arbitrary memory files from the workspace. That mismatch expands the trust boundary from a controlled memory service to local file access, which can expose unrelated workspace data or cause agents to treat local files as trusted memory without clear isolation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes automatic capture of facts, decisions, preferences, and session summaries across sessions, but it does not present a clear consent, privacy, or retention warning to the user at the point of use. This creates a real privacy risk because users may disclose sensitive information that is then persistently stored and later resurfaced without informed consent.

Ssd 3

Medium
Confidence
96% confidence
Finding
The automatic hooks persist and re-inject natural-language memories, including user facts, preferences, and session summaries, across sessions. If sensitive content is captured, it can be retained longer than intended and later disclosed in unrelated contexts, increasing the chance of privacy leakage and overexposure of confidential information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal