Back to skill

Security audit

Memory Extraction

Security checks across malware telemetry and agentic risk

Overview

This skill is a persistent memory helper, but it tells the agent to automatically store broad personal details without clear consent, review, retention, or deletion controls.

Install only if you intentionally want an agent to maintain a persistent profile from conversations. Before enabling it, make sure users can approve what is saved, inspect and delete memory, and prevent storage of contact details, precise location, relationship data, or other sensitive facts unless explicitly requested.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill explicitly automates extraction of entities, relationships, and observations from conversation and writes them to persistent memory, but it does not require clear user notice, consent, or retention boundaries. This creates a real privacy and data-governance risk because users may disclose personal or sensitive information in normal conversation without understanding it will be stored long-term in a knowledge graph.

Missing User Warnings

High
Confidence
99% confidence
Finding
The system-prompt guidance instructs the agent to proactively record sensitive categories such as age, gender, location, occupation, education, goals, and relationships, again without any user warning or consent workflow. In context, this is more dangerous because it operationalizes continuous background profiling from ordinary conversation into persistent storage.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill directs the agent to continuously collect broad categories of personal data from normal conversation into long-term memory. Even absent overtly malicious intent, this is a true security/privacy weakness because it expands the amount of sensitive data retained, increasing the blast radius of future leaks, misuse, overcollection, or unauthorized access.

Ssd 3

Medium
Confidence
94% confidence
Finding
The examples normalize storing email and identity-related attributes as atomic observations, which encourages persistent retention of personally identifiable information without safeguards. In this skill's context, the examples are effectively policy guidance for implementers, making unsafe data handling more likely and increasing privacy risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.