Agent Memory Kit

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent local memory and search kit for agents, with privacy hygiene caveats but no evidence of hidden exfiltration or destructive runtime behavior.

Install only if you want an agent to keep local long-term memory in your workspace. Treat the memory files as private notes: do not store passwords, tokens, raw user conversations, personal data, or sensitive internal procedures, and review any PATH or rm commands before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The uninstallation section provides destructive `rm` commands, including `rm -rf`, without an explicit warning that the deletions are permanent or guidance to verify paths before execution. In an agent skill context, users may copy/paste these commands directly, increasing the chance of accidental data loss if the working directory or installation path differs from expectations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document explicitly instructs persistent recording of events, interactions, outcomes, and especially 'HOW' details in dated memory files, but provides no data-minimization, consent, retention, or secret-handling guidance. In an agent skill, this creates a real risk of storing sensitive user content, credentials, internal URLs, or personal data in long-lived plaintext files that may later be exposed or reused out of context.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The procedural-memory guidance encourages documenting technical integrations and recovery procedures whenever discovered, which can easily lead to persistence of API endpoints, auth flows, operational steps, or break-glass procedures in accessible workspace files. Without safeguards, this increases the chance of sensitive implementation details being captured and later leaked or abused.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The daily routine and pre-compaction steps direct the agent to flush significant events, active decisions, running subagents, and next actions into persistent files to preserve state. In context, this is more dangerous than ordinary note-taking because compaction snapshots can capture broad slices of live session state, including sensitive user requests, internal reasoning-adjacent summaries, operational context, and technical details, all without privacy boundaries.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```bash
rm -f skills/agent-memory-kit/bin/memory-search
rm -rf skills/agent-memory-kit/lib/
rm -f skills/agent-memory-kit/SEARCH.md
rm -f skills/agent-memory-kit/QUICKSTART-SEARCH.md
rm -f skills/agent-memory-kit/EXAMPLES.md
```
Confidence
89% confidence
Finding
`rm -rf skills/agent-memory-kit/lib/`

VirusTotal

64/64 vendors flagged this skill as clean.