ClawHub

Memory Auto Sync

Security checks across malware telemetry and agentic risk

Overview

This memory skill is not deceptive, but it automatically saves every text conversation indefinitely with limited user controls.

Install only if you explicitly want every text conversation saved to disk and memory for future recall. Avoid using it around passwords, tokens, personal data, or confidential business information unless you add controls for opt-in, redaction, configurable storage, retention, and deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explicitly states it will automatically listen to and persist all user-assistant conversations into local Markdown files. This creates a clear privacy and data-retention risk because sensitive content may be stored without informed consent, minimization, access controls, or disclosure of how long the data is kept.

Missing User Warnings

High
Confidence
98% confidence
Finding
The plugin automatically stores all inbound and outbound text to both a local markdown archive and a vector memory database without user notice, consent, minimization, or retention controls. This can capture sensitive personal data, credentials, secrets, and private assistant output, creating a substantial confidentiality and privacy risk if the files or memory store are accessed by other components, users, or backups.

Ssd 3

Medium
Confidence
96% confidence
Finding
The documentation describes persistent logging of all conversations to memory files, which increases the attack surface by retaining potentially sensitive information in plain local storage. Even without network exfiltration, such retained transcripts can be exposed through local compromise, backups, shared accounts, or accidental disclosure.

Ssd 3

High
Confidence
97% confidence
Finding
The code is explicitly designed to permanently record both user and assistant conversations into local storage and a memory system, significantly increasing the attack surface for sensitive data exposure. In this skill context, the behavior is more dangerous because it is broad, automatic, and unconditional: every text exchange is persisted, including data users may reasonably expect to remain ephemeral.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal