Security audit

Memory Manager

Security checks across malware telemetry and agentic risk

Overview

This is a local OpenClaw memory-management skill with disclosed archiving and logging behavior, but its examples can move or delete memory files if run carelessly.

Install only if you want a local, file-based memory workflow. Verify all configured paths, avoid putting secrets in shared memory or logs, run archive and cleanup commands in test/preview mode first, keep backups, and inspect any PowerShell scripts obtained outside this package before executing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Intent-Code Divergence

Low
Confidence: 88%
Finding
The document claims audit records are immutable, but the described implementation uses ordinary JSON log files with no integrity protection, append-only enforcement, signing, or WORM storage. In a memory-management and audit context, this can mislead operators into trusting logs that an attacker or insider could alter or delete, weakening forensic value and accountability.

Missing User Warnings

Medium
Confidence: 79%
Finding
The summary explicitly states that all operations are automatically logged to JSON files, but this packaging document does not warn users that logs may contain file paths, project names, agent activity, or other operational metadata. In a memory-management skill used across agents and workspaces, silent logging can create unintended privacy exposure and data retention risks, especially if users assume maintenance actions are ephemeral.

Missing User Warnings

Medium
Confidence: 87%
Finding
The documentation encourages direct archiving and batch-archiving of files, including looping over matched files, without clearly warning that these operations may move, rename, or otherwise alter user data at scale. In a memory-management skill whose purpose is to manipulate stored project files, this raises a real risk of unintended data reorganization, broken references, or accidental loss of active files if users run the examples as-is.

Missing User Warnings

Medium
Confidence: 95%
Finding
The quick-start directs users to archive files and then perform the real archival operation immediately after a test run, but it does not clearly warn that this moves data out of the active shared area and may affect later workflows. In operational docs, omission of a clear warning before state-changing file operations can lead to accidental data movement and confusion, especially for inexperienced users following copy-paste steps.

Missing User Warnings

High
Confidence: 98%
Finding
The monthly cleanup example uses Remove-Item -Force to delete files older than 7 days without a prominent warning that deletion is irreversible. Because this is a quick-start style operational document, users may run the snippet as-is, causing unintended loss of temporary data with no confirmation, recycle-bin protection, or dry-run guidance.

Missing User Warnings

Medium
Confidence: 94%
Finding
The troubleshooting section recommends Move-Item -Force as a manual archival action without warning that it will relocate the file and overwrite destination conflicts. In a troubleshooting context, users are already handling failures, so undocumented forced overwrite behavior increases the risk of compounding the problem by destroying or obscuring existing archived content.

VirusTotal

60/60 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.