ClawHub

Evermemos

Security checks across malware telemetry and agentic risk

Overview

This is a real long-term memory integration, but it can automatically persist personal conversation details to an EverMemOS service without clear consent, deletion, retention, or transport-security guidance.

Install only if you intentionally want persistent AI memory. Before using it, require explicit confirmation before saving personal details, run the EverMemOS service in a trusted environment with authentication and HTTPS when remote, avoid storing secrets or regulated data, and ensure users can review, delete, and disable saved memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases include broad everyday expressions such as references to prior conversation or preferences, which can cause the memory skill to activate when the user did not clearly intend persistent storage or retrieval. In a memory-retention skill, accidental activation increases the risk of collecting, storing, or exposing sensitive personal data without meaningful user consent.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The automatic memory triggers are described broadly, for example on conversation end, self-introduction, task completion, and preference expression, without precise consent or scoping rules. This creates a real risk that personal or sensitive information will be retained automatically in cases where the user expects ephemeral conversation behavior.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill instructs automatic storage of conversation content and preferences but does not warn users about privacy consequences, retention, or downstream access to stored data. Because the skill's core purpose is long-term memory, the absence of transparent notice materially increases the chance of non-consensual collection and retention of sensitive information.

Missing User Warnings

High
Confidence
95% confidence
Finding
The documentation demonstrates sending conversation content to an external memory service over HTTP/API calls, including potentially personal user messages, without adequate warnings about transmission, storage, authentication, or transport security. This is dangerous because users or deployers may adopt the examples as-is and unintentionally expose sensitive chat data to interception or unauthorized service operators.

Ssd 3

Medium
Confidence
96% confidence
Finding
These instructions direct broad automatic collection and retention of user-provided conversation data and personal details, including self-introduction and preferences. In a long-term memory system, such broad retention can capture sensitive information, create privacy harm, and increase the blast radius of any compromise or misuse of the memory store.

Ssd 3

Medium
Confidence
90% confidence
Finding
The conversation-summary example stores message contents whenever they are deemed 'important,' but the criteria are undefined and likely to over-capture user content. This can persist sensitive statements from ordinary chats into long-term storage without clear consent, review, or filtering.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal