Memory Forensics

Security checks across malware telemetry and agentic risk

Overview

This is a memory-forensics guide whose sensitive RAM and credential-recovery steps are disclosed and aligned with its purpose, but users should treat outputs as highly sensitive.

Install and use this only for authorized incident response, forensic, or lab work. Memory images and command outputs may contain passwords, hashes, tokens, private user activity, and malware artifacts, so store them securely, restrict access, redact before sharing, and rotate any exposed credentials.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly documents credential extraction from memory, including hash dumping, LSA secrets, cached credentials, and Mimikatz-style extraction, but provides no warning about legal authorization, sensitive-data handling, or defensive-only use. In a security skill, this omission increases the chance of misuse or accidental exposure of highly sensitive secrets during routine use.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal