Back to skill

Security audit

Enhanced Search Service

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises: improve memory search ranking, with some privacy and dependency-trust considerations.

Install this only with trusted co-occurrence and semantic-vector adapters. Avoid using it for searches containing secrets or highly sensitive personal data unless you are comfortable with query snippets and result relationships being recorded by the local memory infrastructure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The service sends user query content to an external dependency via record_cooccurrence(mem_ids, f"search:{query[:50]}") without any indication of minimization, consent, or trust boundary controls. Queries can contain sensitive terms, secrets, internal project names, or personal data, so forwarding them to another adapter creates a data leakage and privacy risk, especially because the adapter is imported from a mutable path under /root/.openclaw/workspace/integration/adapter.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.