ClawHub

memory ebbinghaus

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local memory manager that can save, archive, and delete its own memory records, with no evidence of hidden network, credential, or destructive system behavior.

Install this only if you want a local memory database for an agent. Set EBBINGHAUS_DB and EBBINGHAUS_ARCHIVE deliberately, avoid storing secrets as memories, and confirm item IDs before using forget or archive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly instructs the agent to read environment variables and write to local files, yet no explicit permissions are declared. This can lead to silent file creation, modification, or archive appends in the user's working directory without clear consent boundaries, increasing the risk of unintended data persistence or overwriting.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list includes broad phrases such as 'memory management' and 'clean up memory', which can cause the skill to activate in situations where the user did not specifically intend lifecycle operations on memory files. Because the skill supports deletion and archiving, accidental invocation can lead to unintended state changes.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation exposes a destructive 'forget' operation without a prominent warning that deletion may be irreversible. In a memory-management context, this is especially risky because users may interpret forgetting as a soft hide or decay action rather than permanent removal.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The setup instructions state that running status will automatically create a database file if it does not exist, but this side effect is not prominently disclosed as a write operation. Even though the write is local and limited, unexpected file creation in the current directory can surprise users and clutter or interfere with existing workflows.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal