ClawHub

Qoris Memory — Persistent Agent Memory

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed hosted memory integration, but users should treat shared persistent memory and its API key carefully.

Install only if you are comfortable sending selected memory content to Qoris for the configured workspace. Do not store secrets, regulated data, or sensitive customer or personal information unless your organization has approved the provider, retention policy, access controls, and workspace sharing model; protect and rotate QORIS_API_KEY like any other credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README promotes persistent memory "across team members" and broad knowledge retention without any warning about privacy boundaries, consent, data classification, or the risk of storing sensitive information. In a memory skill, this omission is security-relevant because users may reasonably store credentials, personal data, customer information, or internal strategy in a shared persistent system, increasing the chance of unintended disclosure or policy violations.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The README instructs users to export an API key and workspace ID but does not include even basic secret-handling guidance such as avoiding committing credentials to source control, using a secret manager, or setting them only in a secure local environment. While environment variables are common, omission of handling guidance in an installation flow can lead to credential leakage through shell history, shared configs, screenshots, logs, or checked-in setup files.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The manifest exposes destructive tools such as update_memory and delete_memory but does not provide any user-facing warning, disclosure, or indication of confirmation requirements. In a persistent cross-session memory skill, these operations can alter or erase stored context, increasing the risk of accidental data loss, prompt-influenced tampering, or misuse by an agent acting without clear user awareness.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal