ClawHub

NoMoreForget

Security checks across malware telemetry and agentic risk

Overview

The skill is a local OpenClaw memory-management helper that appears purpose-aligned, but users should review its installer because it changes persistent memory settings and creates local backups.

Before installing, review scripts/install.sh and make a current backup of ~/.openclaw. Avoid storing secrets in OpenClaw memory, and be aware that this skill may preserve session notes in daily memory files and backup folders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs users to run shell scripts that can read and modify local files and configuration, yet the manifest does not declare corresponding permissions or warn about those capabilities. This creates a transparency and trust problem: users may trigger file system changes without clear disclosure, increasing the risk of unintended config edits, backups, or destructive restores.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README directly instructs users to execute installation, verification, backup, and restore shell scripts, but it provides no warning that these commands may modify files under the user's OpenClaw configuration or affect existing memory state. This is dangerous because users are encouraged to run opaque local scripts from a cloned repository, increasing the chance of unintended filesystem changes, overwrites, or restoration of stale or attacker-controlled data without informed consent.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger phrases are broad and overlap with ordinary conversation about memory problems, token usage, or configuration. That makes accidental invocation more likely, which is risky here because the skill encourages executing scripts and changing memory-related settings that affect the local environment.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The markdown directly instructs users to run installation, verification, optimization, backup, and restore scripts without describing what files or settings they will modify. In a skill that targets local memory/configuration behavior, this can lead to unsafe configuration changes, data overwrites, or restoration of stale state if users execute commands blindly.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The document explicitly states that session details are automatically written to daily memory files, but it does not mention user consent, visibility, retention controls, or warning about persistent storage. In a memory-management skill, this increases privacy risk because users may disclose sensitive conversational content assuming it is ephemeral when it is actually being retained on disk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The installer writes directly to the user's ~/.openclaw/openclaw.json and creates workspace files without prompting, showing a backup message but no consent step. In an agent-skill ecosystem, unattended modification of persistent configuration can change runtime behavior in ways the user did not explicitly approve, which is a real integrity and trust issue even if the intended feature is helpful.

Session Persistence

Medium
Category
Rogue Agent
Content
BACKUP_DIR="$OPENCLAW_DIR/backup_$(date +%Y%m%d_%H%M%S)"
echo ""
echo "📦 备份现有配置到: $BACKUP_DIR"
mkdir -p "$BACKUP_DIR"

if [ -f "$OPENCLAW_DIR/openclaw.json" ]; then
    cp "$OPENCLAW_DIR/openclaw.json" "$BACKUP_DIR/"
Confidence
84% confidence
Finding
mkdir -p "$BACKUP_DIR" if [ -f "$OPENCLAW_DIR/openclaw.json" ]; then cp "$OPENCLAW_DIR/openclaw.json" "$BACKUP_DIR/" fi if [ -d "$WORKSPACE_DIR" ]; then [ -f "$WORKSPACE_DIR/MEMORY.md" ] &&

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal