Natural-Language Policy Violations
Medium
- Confidence
- 93% confidence
- Finding
- The embedded AGENTS.md replacement instructs operators to force all memory activity through MemClaw and explicitly says not to use legacy memory paths, without presenting user consent, scope limits, or alternatives. In a maintenance skill, this is risky because it changes persistent agent behavior globally and can cause unintended retention of user data across sessions, increasing privacy and policy risk.
