Memory System Sidecar

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform disclosed, purpose-aligned local refresh/rebuild work, with a minor documentation gap about possible overwrites.

Before installing or running refresh/rebuild commands, review any locally modified generated state or context files and back them up if needed. The available signals do not show malicious behavior, but these commands may replace generated content as part of normal operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
This markdown file documents commands that regenerate multiple artifacts, including state and context files, but it does not include any caution that running refresh or rebuild will overwrite existing generated content. Because SQP-2 applies to markdown files when behaviors could affect user data or system integrity, the omission of a warning about these file-changing side effects is a meaningful safety gap.

VirusTotal

64/64 vendors flagged this skill as clean.