ClawHub

Memory Distill

Security checks across malware telemetry and agentic risk

Overview

This instruction-only memory skill is coherent, but it encourages automatic persistent storage of conversation details, including sensitive temporary items like verification codes and links.

Review carefully before installing, especially before enabling Cron or HEARTBEAT automation. Use it only if you want conversations summarized into persistent local memory files, and configure or instruct it not to save verification codes, login links, secrets, personal contact details, or other sensitive temporary information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly extracts and persists conversation content into files like MEMORY.md, memory/YYYY-MM-DD.md, and USER.md, including categories that may contain sensitive personal or temporary information. Failing to clearly warn users about persistent storage materially increases the risk of unintended retention, privacy violations, and later disclosure of secrets.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages Cron-based unattended execution that analyzes daily conversations and writes results to memory files, but it does not clearly warn that this recurring automation processes user data without an active review step. In context, automatic scheduled summarization broadens collection scope and persistence, making accidental storage of sensitive data more likely.

Ssd 3

High
Confidence
99% confidence
Finding
This section instructs the agent to scan conversation history and persist categories such as contact information, preferences, temporary codes, and links into long-lived files. That creates a direct privacy and secret-retention risk: highly sensitive or short-lived data may be unnecessarily collected, normalized, and made easier to exfiltrate from persistent storage.

Ssd 3

High
Confidence
99% confidence
Finding
The scheduled task text directs the agent to automatically analyze the day's conversations and write extracted content into MEMORY.md and dated memory files. In this context, unattended broad collection of user conversations is especially dangerous because it enables recurring persistence of potentially sensitive data without timely human validation or contextual judgment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal