Back to skill
Skillv0.2.0
VirusTotal security
Memtrap Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 22, 2026, 2:16 PM
- Hash
- 7a545b7e52ed9e9d0d3d729a8332f169783af6a686f2a6aa91006377bbc92987
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: memtrap Version: 0.2.0 The memtrap skill claims to be a security benchmarking tool but requires high-privilege access to intercept and 'wrap' all agent memory (e.g., LangGraph/CrewAI). A significant concern is the 'memtrap submit' command in SKILL.md, which encourages uploading 'memory context'—potentially containing PII or secrets—to a public leaderboard (github.com/shaymizuno/memtrap). The documentation also cites future-dated (2026) security standards and papers, which is highly anomalous. While framed as a hardening tool, the potential for data exfiltration and the broad access to the agent's internal state via the external 'memtrap' pip package make it high-risk.
- External report
- View on VirusTotal