cortex-mem-mcp

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed persistent-memory skill, but users should be careful about what it stores and which external services receive that data.

Before installing, verify the upstream cortex-mem-mcp package or release, use scoped provider API keys, keep config files out of repositories, restrict config permissions, avoid storing secrets or regulated data, and disable auto-triggering if you want explicit control over what gets saved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill is explicitly designed to persist conversations, user preferences, and interaction history across sessions, but the documentation does not warn users about retention, sensitivity, consent, or privacy implications. In a memory-oriented skill, this omission is significant because operators may store personal or confidential data without understanding that it will be retained and made searchable over time.

Missing User Warnings

Medium
Confidence: 96%
Finding
The configuration examples place API keys directly in a plaintext config file without any warning about secret management or filesystem protections. This encourages insecure operational practices: keys may be committed to source control, exposed via backups, or read by other local users/processes if permissions are weak.

Missing User Warnings

Medium
Confidence: 88%
Finding
The documented delete operation is destructive, yet the skill does not warn that deletion may be irreversible or that it can remove stored memory context relied upon by agents. In a persistent-memory system, accidental deletion can cause data loss, loss of auditability, and disruption of agent behavior.

External Transmission

Medium
Category: Data Exfiltration
Content:
```toml
[llm]
# LLM API configuration
api_base_url = "https://api.openai.com/v1"
api_key = "your-api-key"
model_efficient = "gpt-4o-mini"
temperature = 0.1
```
Confidence: 92%
Finding: external endpoint https://api.openai.com/

External Transmission

Medium
Category: Data Exfiltration
Content:
```toml
[embedding]
# Embedding configuration
api_base_url = "https://api.openai.com/v1"
api_key = "your-embedding-api-key"
model_name = "text-embedding-3-small"
batch_size = 10
```
Confidence: 92%
Finding: external endpoint https://api.openai.com/

External Transmission

Medium
Category: Data Exfiltration
Content:
```toml
data_dir = "./cortex-data"

[llm]
api_base_url = "https://api.openai.com/v1"
api_key = "your-api-key"
model_efficient = "gpt-4o-mini"
```
Confidence: 89%
Finding: external endpoint https://api.openai.com/

External Transmission

Medium
Category: Data Exfiltration
Content:
```toml
model_efficient = "gpt-4o-mini"

[embedding]
api_base_url = "https://api.openai.com/v1"
api_key = "your-api-key"
model_name = "text-embedding-3-small"
```
Confidence: 89%
Finding: external endpoint https://api.openai.com/

Session Persistence

Medium
Category: Rogue Agent
Content:
```markdown
## Configuration

### Step 1: Create Configuration File

Create a `config.toml` file (e.g., `~/.config/cortex-mem/config.toml`):
```
Confidence: 95%
Finding (truncated README excerpt):
Create Configuration File. Create a `config.toml` file (e.g., `~/.config/cortex-mem/config.toml`):
```toml
[cortex]
# Data directory for storing memories
data_dir = "~/.cortex-data"

[llm]
# LLM API
```

VirusTotal

58/58 vendors flagged this skill as clean.
