ClawHub

Forget Something

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is not malware, but it needs review because its memory-deletion examples may not actually delete data while claiming privacy and compliance benefits.

Install only as conceptual guidance, not as drop-in privacy or retention code. Before using it with real agent memory, require an implementation that proves deletions persist in the actual memory store, enforces dry-run and backup behavior, scopes scheduled jobs carefully, and includes tests that confirm deleted records are truly absent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The examples claim to delete or remove memories, but they only call filter() without assigning the filtered result back to the store or mutating it. This creates a dangerous mismatch between documented privacy/data-retention behavior and actual behavior, so operators may believe sensitive data was forgotten when it was silently retained.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The core implementation logs that forgetting ran and computes removed counts, but the strategy methods again only invoke non-mutating filter() calls, so no deletion may occur while audit-style logs imply success. In a privacy-focused memory-management skill, this is especially dangerous because it can cause prolonged retention of sensitive data, false compliance assumptions, and incorrect operational decisions.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The test claims only one memory should remain after forgetting, but the implementation shown would not mutate the store, so the test either would fail or mislead readers if treated as illustrative documentation. Faulty validation around deletion logic is risky in privacy and retention features because it undermines confidence that sensitive memories are actually removed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal