Back to skill

Security audit

OpenClaw Memory

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate OpenClaw memory helper, but it deserves review because it promotes durable searchable memory and silent automatic writes before compaction.

Install only if you want OpenClaw to keep durable memory across sessions. Before enabling it, review the memoryFlush setting, the memory directory, any extraPaths, and the chosen embedding provider; avoid storing secrets or sensitive personal data, and make sure you know how to inspect, edit, archive, or delete saved memory entries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation guidance is extremely broad, covering many generic memory-related phrases and troubleshooting situations, which can cause the skill to trigger in contexts where persistence or memory tooling was not intended. Over-broad invocation increases the chance that the agent applies file-writing and memory-handling behaviors unnecessarily, expanding the attack surface for unintended data retention or misuse.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents a silent automatic 'memory flush' that writes durable notes to disk before compaction, with no requirement for explicit user awareness or consent at write time. Silent persistence can capture sensitive conversational content, operational details, or instructions into long-lived files, creating privacy, compliance, and data-retention risks that users may not expect.

Session Persistence

Medium
Category
Rogue Agent
Content
### Layer 1: Daily Logs — `memory/YYYY-MM-DD.md`
- **Append-only** session notes, running context, events of the day.
- OpenClaw reads **today + yesterday** at session start.
- If someone says "remember this" → write it here immediately.
- These accumulate over time; old logs are searchable via `memory_search`.

### Layer 2: Long-Term Memory — `MEMORY.md`
Confidence
91% confidence
Finding
write it here immediately. - These accumulate over time; old logs are searchable via `memory_search`. ### Layer 2: Long-Term Memory — `MEMORY.md` - **Curated** durable facts: decisions, preferences,

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.