Claw Memory

Security checks across malware telemetry and agentic risk

Overview

This is a coherent shared-memory skill, but it can send and persist local memory files to a third-party service with broad activation and weak consent boundaries.

Install only if you intentionally want selected memories stored in this external service. Review and redact MEMORY.md or notes before upload, avoid credentials and highly sensitive personal data, protect the bearer token and encryption key, and prefer a pinned or reviewed install source over a raw main-branch download.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill description says to use the service whenever a user asks to store, retrieve, search, or share memories across agent instances, which is broad and lacks clear consent and data-scope boundaries. In a memory-sharing skill, vague activation criteria increase the chance an agent will transmit sensitive conversational or local data to a remote service without an explicit, informed user decision.

Missing User Warnings

Medium
Confidence: 98%
Finding
The MEMORY.md import example reads a local memory file and uploads its full contents to an external API, but the skill does not present a prominent privacy warning immediately before doing so. Because memory files often contain secrets, personal data, or prior conversation context, this omission can lead to unintentional bulk exfiltration of highly sensitive local data.

VirusTotal

66/66 vendors flagged this skill as clean.
