马斯克精英记忆 (Musk Elite Memory)

Security checks across malware telemetry and agentic risk

Overview

This memory skill appears purpose-aligned, but it asks agents to persist broad user context silently and promotes optional cloud memory integrations without enough consent or data-flow controls.

Install only if you intentionally want persistent agent memory. Keep it scoped to non-sensitive projects, review memory files regularly, avoid enabling SuperMemory or Mem0 unless you accept third-party storage of memory content, verify the package identity before using npx/npm commands, and do not run the vector cleanup command without a backup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
77% confidence
Finding
The skill references environment-variable based secrets such as SUPERMEMORY_API_KEY and MEM0_API_KEY, but no explicit permission model or disclosure is declared. In a memory skill, undocumented secret use increases the risk of silent data export or unexpected external service access.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README advertises cloud backup and automatic fact extraction without clearly warning that potentially sensitive conversation data may be transmitted to third-party services. In a memory system for AI agents, stored content can include secrets, internal project details, user data, and decision history, so omission of privacy/data-flow warnings can cause users to enable risky features without informed consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The Mem0 integration example instructs users to send conversation messages to an external API but does not explicitly state that message contents leave the local environment. Because this skill is designed to capture long-term agent memory, those messages may contain credentials, proprietary code, personal data, or other sensitive context, making silent external transmission especially risky.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill promotes SuperMemory cloud backup and Mem0 automatic extraction without a prominent warning that conversation data may be transmitted to third-party services. Because this skill is specifically designed to retain broad user context and preferences, the absence of privacy notice and consent makes the data exposure risk materially worse.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation includes a destructive deletion command for the memory database without clearly warning that it is irreversible and may remove all stored memory state. Users or downstream agents may copy and execute it as routine maintenance, causing unintended loss of data.

Ssd 3

Medium
Confidence
95% confidence
Finding
The WAL instructions explicitly direct the agent to persist user preferences, decisions, deadlines, and corrections before responding. This creates systematic retention of potentially sensitive user data, increasing exposure through local compromise, over-collection, and accidental reuse in future contexts.

Ssd 3

High
Confidence
97% confidence
Finding
The skill advocates broad long-term capture across multiple memory layers, including semantic storage, permanent decision records, curated archives, cloud backup, and automatic fact extraction. In context, this amplifies privacy and leakage risk because a single user statement may be replicated into several stores and potentially synchronized externally.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
memory_recall query="*" limit=50

# Clear all vectors (nuclear option)
rm -rf ~/.openclaw/memory/lancedb/
openclaw gateway restart

# Export Git-Notes
Confidence
92% confidence
Finding
rm -rf ~

Tool Parameter Abuse

High
Category
Tool Misuse
Content
memory_recall query="*" limit=50

# Clear all vectors (nuclear option)
rm -rf ~/.openclaw/memory/lancedb/
openclaw gateway restart

# Export Git-Notes
Confidence
92% confidence
Finding
rm -rf ~/.openclaw/memory/lancedb/

VirusTotal

63/63 vendors flagged this skill as clean.
