Oc Dream Rem

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed memory-cleanup helper that can rewrite and prune files in a scoped memory folder, so users should back up important memories first.

Install only if you want an agent to maintain your memory/ files by consolidating, rewriting, and pruning them. Because the skill can remove or overwrite memory content and does not specify backups or confirmation gates, keep the memory directory under version control or make backups before use, and prefer reviewing proposed deletions for important memories.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly states it will remove outdated content and keep MEMORY.md concise, but it does not warn users about irreversible data modification or deletion. In a memory-management skill, destructive behavior is contextually expected, but the lack of confirmation, backup, or rollback guidance creates a real risk of unintended data loss.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The workflow instructs the agent to execute consolidation by adding, updating, and deleting topic files, then rewriting MEMORY.md and updating state, yet it omits any safety interlock. Because these are state-changing filesystem operations, a mistaken trigger or incorrect consolidation can permanently corrupt or erase user memory artifacts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal