Security audit

MCM Agent

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud memory-sync skill that requires user consent and an API key, with no executable code in the artifact.

Install only if you want a third-party service to store selected AI memories across devices. Before providing an API key, review the provider, retention and deletion controls, and avoid syncing secrets or highly sensitive chat details unless you are comfortable storing them in that cloud account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The trigger phrase "memory" is extremely broad in an AI assistant context and is likely to appear in ordinary conversation, causing unintended activation of the skill. Because this skill handles cloud syncing of user memory data, accidental invocation increases the chance of unnecessary prompting, confusion, or unintended preparation to access or store sensitive information.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding:
The trigger "同步" (sync) is too generic and can match many unrelated user requests about synchronization, not specifically this memory service. In a skill that can retrieve or store cross-device memory, overly generic activation raises the risk of unintended invocation around potentially sensitive personal data workflows.

Overly Broad Trigger

Severity: Low
Category: Trigger Abuse
Confidence: 91%
Finding:
The trigger "记忆" (memory) is very short and highly ambiguous, making accidental matches likely in normal Chinese-language conversations. Although the skill states that explicit user consent is required before syncing, broad activation still expands the chance of unwanted skill engagement in discussions involving personal memories or stored information.

Overly Broad Trigger

Severity: Low
Category: Trigger Abuse
Confidence: 92%
Finding:
The trigger "同步" is a short, generic term that can be used in many unrelated contexts, making false activations plausible. In the context of a memory-syncing skill, this is risky because it may surface cloud-memory behavior when the user merely discusses synchronization in general, creating privacy and consent friction.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.