The Holographic Memory Matrix

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local SQLite memory simulation that writes a small database when run, with no evidence of hidden network access, credential use, or destructive behavior.

Install only if you are comfortable with a skill that writes a local SQLite database in the directory where it is run. Run it from a dedicated project folder, avoid placing sensitive smart-home or camera reference data in its input template unless intended, and delete s2_memory_vault/s2_chronos.db when you no longer want the persisted demo data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The skill explicitly states it will automatically build a local `s2_chronos.db`, which implies a filesystem write without any visible user consent, notice at execution time, or scope limitation. While this is not inherently malicious, silent file creation can violate user expectations, create persistence artifacts, and become more concerning in agent environments where skills may run with broad local access.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal