Long Term Memory with Honcho
Security checks across malware telemetry and agentic risk
Overview
This skill is a clearly disclosed Honcho memory setup helper, but it intentionally uploads selected memory files and ongoing conversations to Honcho once enabled.
Install only in workspaces where you are comfortable sending memory files and ongoing conversation content to Honcho or your self-hosted endpoint. Review the file list during setup, use a revocable Honcho API key, and disable the plugin with openclaw plugins disable openclaw-honcho when you do not want ongoing observation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.