ClawHub
Back to plugin

Security audit

Concept Forge

Security checks across malware telemetry and agentic risk

Overview

Concept Forge is a local terminology-memory plugin whose persistence and prompt reuse fit its stated purpose and are disclosed in the README.

Install only if you want project terminology to be remembered locally across sessions. Review ~/.openclaw/concept-forge for stored ledgers, use separate projectId values for separation, and avoid letting sensitive client or secret-bearing terminology be captured if local retained memory is not acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README states that concept data persists across sessions in local JSON files and exposes destructive actions like 'Discard [Concept]' without clearly warning users about retention scope, permanence, backup behavior, or whether deletion is reversible. This is not an exploit primitive by itself, but it is a real security/privacy weakness because users may unintentionally retain sensitive conversation data or irreversibly delete project knowledge without understanding the impact.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The plugin persists derived session content into a ledger and there is no user-facing notice or consent mechanism shown in this file. In a conversational system, storing concepts and definitions across turns or sessions can create privacy and data-governance risk, especially if users do not expect retention of their conversation content.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Previously tracked concepts are injected into the next session's prompt, enabling cross-session reuse of prior conversation data without any explicit warning in this file. This can leak information from earlier interactions into future model behavior and responses, which is particularly risky in multi-user or shared-project contexts.

VirusTotal

60/60 vendors flagged this plugin as clean.

View on VirusTotal