Memory Archiver

Security checks across malware telemetry and agentic risk

Overview

This appears to be a purpose-aligned log archiving skill, with the main caveat that it can delete original logs after archiving if that option is enabled.

Before installing, check whether `delete_after_archive` is enabled by default. Keep it off unless you want original memory logs removed, and verify archives are readable and backed up before allowing cleanup.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly states that archived source files may be deleted after compression (`delete_after_archive = true`) and the workflow includes a cleanup step, but it does not present this as a clear user-facing warning or destructive-action notice. This is dangerous because users may trigger the skill expecting archival only, and unintentionally lose original logs if compression fails silently, archives are corrupted, or retention expectations were different.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal