Memory LanceDB Setup

Security checks across malware telemetry and agentic risk

Overview

This is a coherent setup skill, but it asks users to persist an API key, enable long-lived semantic memory, and run an unsafe in-place patch against installed OpenClaw files.

Review before installing. Use a limited-scope embedding key, avoid storing secrets or live tokens in memory, assume memory contents may be sent to the configured embedding provider, pin or verify npm packages, and do not run the patch script unless you first inspect the target file and create a rollback copy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the user to write an embedding API key directly into persistent OpenClaw configuration, but gives no warning about where that config is stored, who can read it, or safer alternatives. This creates a realistic risk of credential exposure through local config files, backups, logs, screenshots, or shared system access.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill tells the user to patch behavior in software installed under system-managed paths and modify package contents to work around a dependency-loading issue, without describing rollback steps, integrity risks, or version-specific safety checks. Altering installed files in global package directories can break updates, mask supply-chain problems, and leave the system in an unsupported state that is hard to audit.

VirusTotal

66/66 vendors flagged this skill as clean.
