Synapse

Security checks across malware telemetry and agentic risk

Overview

Synapse is a coherent local memory skill, but it can automatically read prior conversations and build persistent profiles without clear user opt-in, review, or deletion controls.

Install only if you want OpenClaw to maintain a persistent local profile about you, including inferred preferences and behavioral patterns. Before using it, consider narrowing triggers, requiring confirmation before writes, setting a controlled SYNAPSE_DATA_DIR, and periodically reviewing or deleting the generated Synapse memory files.
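The last two of those steps, review and deletion, can be scripted. The tool below is an added example for this page, not code from Synapse or OpenClaw: it inventories whatever sits under SYNAPSE_DATA_DIR, counts matches against a few sensitive-data patterns so the user knows which files to read before deciding to keep them, and prunes files older than a retention window (dry-run by default). The skill's actual file layout is not documented here, so the scan is format-agnostic; the pattern set, the fallback directory, and the sample files it constructs are assumptions for the demonstration.

```python
"""Review and prune a Synapse-style local memory directory.

Added example, not code from Synapse or OpenClaw. It assumes only that
SYNAPSE_DATA_DIR points at a directory of text files; the skill's real
file layout is not documented on this page, so the scan is format-agnostic.
"""
import os
import re
import tempfile
import time
from pathlib import Path
from typing import Dict, List, Optional

# Indicators that a memory file holds data the user may not want retained.
# Constructed for this example; tune to your own threat model.
SENSITIVE_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "phone": re.compile(r"\b\d{3}[ .-]?\d{3}[ .-]?\d{4}\b"),
    "token": re.compile(r"\b(?:sk|ghp|AKIA)[_-]?[A-Za-z0-9]{16,}\b"),
    "health_finance": re.compile(
        r"\b(?:diagnos\w*|prescri\w*|salary|bank account|ssn)\b", re.I),
}
DAY = 86400


def memory_dir() -> Path:
    """Resolve the directory the skill writes to: SYNAPSE_DATA_DIR, else an assumed default."""
    return Path(os.environ.get("SYNAPSE_DATA_DIR", Path.home() / ".synapse"))


def audit(root: Path, now: Optional[float] = None) -> List[Dict]:
    """Inventory every file under root: size, age in days, and sensitive-pattern hit counts."""
    root = Path(root)
    now = time.time() if now is None else now
    files = sorted((p for p in root.rglob("*") if p.is_file()),
                   key=lambda p: p.relative_to(root).as_posix())
    report = []
    for path in files:
        try:
            text = path.read_text(errors="replace")
        except OSError:
            continue  # unreadable file: nothing to review here
        hits = {name: len(rx.findall(text)) for name, rx in SENSITIVE_PATTERNS.items()}
        st = path.stat()
        report.append({
            "path": path.relative_to(root).as_posix(),
            "bytes": st.st_size,
            "age_days": round((now - st.st_mtime) / DAY, 1),
            "hits": {k: v for k, v in hits.items() if v},
        })
    return report


def prune(root: Path, max_age_days: float, now: Optional[float] = None,
          dry_run: bool = True) -> List[str]:
    """Delete (or, with dry_run, only list) memory files older than max_age_days."""
    removed = []
    for entry in audit(root, now):
        if entry["age_days"] > max_age_days:
            if not dry_run:
                (Path(root) / entry["path"]).unlink()
            removed.append(entry["path"])
    return removed


def make_sample_dir(now: float) -> Path:
    """Constructed sample memory store for the demo; not real Synapse output."""
    root = Path(tempfile.mkdtemp(prefix="synapse-demo-"))
    samples = {  # relative path -> (contents, age in days)
        "profile.md": ("# Operator profile\nPrefers terse answers. Contact: alice@example.com\n", 2),
        "daily/2024-01-01.md": ("Mentioned a diagnosis appointment on Friday.\n", 40),
        "notes.json": ('{"fact": "likes dark mode"}\n', 0),
    }
    for rel, (text, age_days) in samples.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(text)
        mtime = now - age_days * DAY
        os.utime(p, (mtime, mtime))
    return root


if __name__ == "__main__":
    now = time.time()
    root = memory_dir() if "SYNAPSE_DATA_DIR" in os.environ else make_sample_dir(now)
    for entry in audit(root, now):
        flag = "  <-- read before keeping" if entry["hits"] else ""
        print(f"{entry['path']:24} {entry['age_days']:6.1f}d  {entry['hits']}{flag}")
    print("would prune (older than 30 days):", prune(root, max_age_days=30, now=now))
```

Run it with SYNAPSE_DATA_DIR set to audit the real store; without it, the script builds the constructed sample and audits that. Pass dry_run=False to prune only after reading the flagged files, since the hit counts are a prompt for review, not a verdict.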

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The README explicitly advertises cross-session memory, preference tracking, and structured profile building, but does not warn users that potentially sensitive behavioral and preference data may be retained over time. In a memory-oriented skill, that omission materially increases privacy risk because users may disclose personal information without understanding the persistence, scope, or review/deletion model for stored data.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The skill advertises broad trigger phrases such as "remember this," "what do you know about," and "search memories," which are common conversational phrases and can cause the memory engine to activate without sufficiently explicit user intent. In this skill's context, unintended invocation is more dangerous because activation leads to persistence and analysis of user-derived information across sessions.
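To see why these phrases over-trigger, and what the narrowed triggers and confirm-before-write suggested in the overview look like in practice, here is an added example that is not Synapse's or OpenClaw's code. It runs the same constructed messages through two policies side by side: the advertised substring triggers, and an explicit "/memory <action> <payload>" command that must also pass a confirmation callback before anything is stored. The command syntax, the confirmation callback, and the sample messages are assumptions for the demonstration.

```python
"""Broad keyword triggers versus an explicit, confirmed memory command.

Added example, not Synapse's or OpenClaw's code. The "/memory" command
syntax and the confirmation callback are assumptions for this demo.
"""
import re
from typing import Callable, Dict, List, Optional, Tuple

# Trigger phrases the page says the skill advertises.
BROAD_TRIGGERS = ("remember this", "what do you know about", "search memories")

# Assumed narrowed syntax: the message must start with /memory and a verb.
COMMAND = re.compile(r"^/memory\s+(save|recall|search)\s+(.+?)\s*$", re.I)


def broad_trigger(message: str) -> bool:
    """Fires whenever an advertised phrase appears anywhere in ordinary conversation."""
    lowered = message.lower()
    return any(phrase in lowered for phrase in BROAD_TRIGGERS)


def narrowed_trigger(message: str) -> Optional[Tuple[str, str]]:
    """Fires only on an explicit command; returns (action, payload) or None."""
    m = COMMAND.match(message)
    return (m.group(1).lower(), m.group(2)) if m else None


class GatedMemory:
    """Persists nothing unless the confirmation callback approves the payload."""

    def __init__(self, confirm: Callable[[str], bool]):
        self.confirm = confirm
        self.items: List[str] = []
        self.denied: List[str] = []

    def save(self, payload: str) -> bool:
        if self.confirm(payload):
            self.items.append(payload)
            return True
        self.denied.append(payload)
        return False


def compare(messages: List[str], confirm: Callable[[str], bool]) -> Dict[str, List[str]]:
    """Report which messages each policy activates on and what actually gets written."""
    store = GatedMemory(confirm)
    broad_hits, narrowed_hits = [], []
    for msg in messages:
        if broad_trigger(msg):
            broad_hits.append(msg)
        cmd = narrowed_trigger(msg)
        if cmd:
            narrowed_hits.append(msg)
            action, payload = cmd
            if action == "save":
                store.save(payload)  # recall/search would read, never write
    return {"broad": broad_hits, "narrowed": narrowed_hits,
            "written": store.items, "denied": store.denied}


# Constructed sample conversation: the first three are ordinary sentences
# that happen to contain the advertised phrases.
SAMPLE_MESSAGES = [
    "I'll remember this for Friday's meeting.",
    "What do you know about Rust lifetimes?",
    "Can you search memories of that bug? Actually never mind.",
    "/memory save prefers tabs over spaces",
    "/memory save home address is 12 Example St",
]


def deny_addresses(payload: str) -> bool:
    """Stand-in for an interactive prompt: refuse anything that looks like an address."""
    return "address" not in payload.lower()


if __name__ == "__main__":
    for key, values in compare(SAMPLE_MESSAGES, deny_addresses).items():
        print(f"{key}:")
        for v in values:
            print(f"  - {v}")
```

Under the broad policy three of the five messages activate the skill, and none of them expressed an intent to store anything; under the narrowed policy only the two explicit commands activate, and the confirmation step still blocks one of those writes. In a real deployment the callback would prompt the operator, for instance by reading a y/N answer from the terminal, rather than pattern-matching the payload.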

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill description and operating guidance do not clearly warn users that it stores derived profile data and may review prior transcripts, notes, and memory artifacts during learning cycles. Because the skill performs ongoing profiling and cross-session retention, lack of transparent notice undermines informed consent and increases privacy risk.

Ssd 3

Severity: Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to perform "quiet learning" and proactively record observations, preferences, corrections, and behavioral patterns across conversations. This creates a persistent profiling and logging mechanism for user-derived information, which is especially risky because it includes implicit signals rather than only explicit user-provided memory requests.

Ssd 3

Severity: Medium
Confidence: 97%
Finding
The learning-cycle workflow directs broad retrospective analysis of the last 24 hours of transcripts, MEMORY.md, and daily notes to extract new "operator intelligence" and update structured profiles. This materially expands data retention and secondary use of prior interactions, increasing the risk of overcollection, sensitive inference, and persistence of information the user did not explicitly consent to being profiled.

VirusTotal

0 of 65 VirusTotal engines flagged this skill; all 65 reported it clean. Note that an antivirus scan checks the skill files against known-malware signatures and says nothing about the data-retention and trigger findings above, which concern what the skill does by design rather than malicious code.
