Hierarchical Agent Memory

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only memory-organization skill whose persistent workspace changes are disclosed and aligned with its purpose.

Install only if you want the agent to maintain persistent workspace memory files. Review any setup or migration plan before approving changes, and do not store secrets, API keys, passwords, or sensitive personal data in MEMORY.md or linked memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 86%
Finding
The onboarding trigger is overly broad because it treats phrases like "set up memory" or similar as sufficient to initiate a workflow that can lead to file and directory changes. In a memory-management skill that persists data and modifies workspace structure, ambiguous activation increases the risk of unintended onboarding, especially when normal conversation about memory setup could be misinterpreted as consent to reconfigure state.

Missing User Warnings

Medium
Confidence: 91%
Finding
The guide permits the agent to interpret "just use defaults" as authorization to create directories and apply a preset, but it does not require the agent to clearly disclose that filesystem changes will occur before acting. In this skill's context, that is risky because the skill is specifically designed to create durable memory structures in the workspace, so a casual conversational shortcut could result in unintended persistent modifications.

VirusTotal

65/65 vendors flagged this skill as clean.
