Memory Health Score

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it also tells agents to automatically repair memory and close issues when scores are low without clear approval or rollback controls.

Install only if you are comfortable with a recurring local memory-health check over your workspace. Use the scoring report as the default behavior, and require explicit approval before any memory compression, index rebuild, or issue cleanup is performed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium (89% confidence)
Finding
The skill is framed as a scoring/reporting function, but the usage example instructs the agent to also update `memory/health-score.json` on disk. That hidden state-changing side effect can violate user expectations for a read-only assessment tool and may lead to unauthorized or surprising modifications in the workspace when scheduled automatically.

Intent-Code Divergence

High (96% confidence)
Finding
The skill is presented as a health scoring mechanism, but it also specifies automatic repair actions when the score is below 70, including memory compression, index rebuilding, and task cleanup. This is dangerous because an apparently observational tool can silently mutate core memory and task state, potentially deleting, rewriting, or closing important project information without explicit consent.

Missing User Warnings

Medium (95% confidence)
Finding
The documentation describes automatic repair actions that modify project state without any warning, confirmation, or approval step. In an agent environment, this can cause unintended writes, data loss, or workflow disruption, especially because the affected resources (`MEMORY.md`, `INDEX.md`, issues) are central coordination artifacts.

VirusTotal

66/66 vendors flagged this skill as clean.
