Mimir

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local memory integration, but users should review it because it stores persistent agent memory and its encryption/privacy claims are stronger than the documented defaults support.

Install only if you are comfortable running the external Mimir binary and giving it durable access to agent memory. Set MIMIR_ENCRYPTION_KEY before storing sensitive information, prefer a localhost or trusted embedding endpoint, avoid remote endpoints unless you accept sending memory-related data there, and back up/export memories before using prune, compact, or automated grooming commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill prominently markets AES-256 encrypted persistent memory, but the setup explicitly allows operation without an encryption key, resulting in plaintext local storage. This creates a mismatch between the claimed security posture and actual default/allowed behavior, which can cause users to store sensitive agent memory under a false sense of protection.

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The documentation claims that no data leaves the environment and that there is no network access by default, yet it also documents semantic search through an HTTP LLM endpoint. Even if optional, this can send memory contents or user queries to another service, making the privacy claims materially misleading and increasing risk of unintended disclosure.

Missing User Warnings

Medium
Confidence: 84%
Finding
The skill exposes archive, decay, prune, compact, and forget operations without prominent cautions about reversibility, review, or backup. In a persistent memory system, these operations can silently remove or suppress important context, causing data loss, integrity issues, or degraded agent behavior across sessions.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill describes optional use of an LLM/embedding endpoint for semantic search but does not prominently warn that memory text, queries, or derived content may be sent to that endpoint. For a memory system that may contain sensitive information, this omission can lead to accidental exfiltration to a network service the user did not fully evaluate.

VirusTotal

57/57 vendors flagged this skill as clean.