Back to skill

Security audit

Session Memory Writer

Security checks across malware telemetry and agentic risk

Overview

This is a text-only skill for appending structured local work logs, with the main risk being that task details may be saved persistently.

Install this only if you want agents to keep persistent local task logs. Review the generated memory and OUTBOX files in sensitive projects, because work details and technical decisions may be retained for later search or journal workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill metadata and description scope the capability to writing daily memory files, but the body also authorizes writes to OUTBOX.md. This scope mismatch can cause an agent or reviewer to underestimate what files may be modified, increasing the chance of unintended writes to additional user data and weakening change-control expectations.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill directs the agent to append to memory files and potentially OUTBOX.md without any explicit confirmation, warning, or guardrails around modifying user-maintained files. In an agent setting, silent persistence to local files can create unwanted data changes, audit gaps, or accidental disclosure of sensitive session content into durable storage.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.