Security audit

我的脑子

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local memory-management skill, but users should treat its saved profile and memory files as sensitive persistent data.

Install only if you want OpenClaw to keep persistent local memory. Review USER.md, MEMORY.md, and memory/ regularly, avoid saving secrets or highly sensitive personal data, and delete or redact entries you no longer want retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 94%
Finding:
The README instructs users to store profile data and long-term memory in persistent files, but it does not clearly warn that these files may contain sensitive personal information and will remain on disk. This can lead to over-collection or retention of personal data without informed consent, increasing privacy and confidentiality risk if the workspace is shared, synced, or later exposed.

Missing User Warnings

Medium
Confidence: 97%
Finding:
The memory workflow says that when the user says '记住这个' ("remember this"), P0 information should be written immediately to MEMORY.md, but it does not require a user-facing confirmation that the content will be persisted. That creates a real risk of silently storing sensitive facts, preferences, or emotional information in long-term files beyond the user's expectations.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill explicitly instructs the agent to record information into long-term memory files, daily logs, and archives, but it does not clearly require user consent, disclosure of persistence, retention limits, or rules for handling sensitive data. In an AI assistant context, this can cause silent storage of personal, behavioral, or confidential information across sessions, creating privacy and compliance risks even if the feature is framed as helpful memory management.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The rules explicitly direct the agent to retain user information in persistent files such as MEMORY.md and archives, but they do not require clear user notice, opt-in consent, retention limits, or deletion controls. This creates a real privacy risk because the agent may store personal preferences, emotional states, and conversation-derived data without the user's informed awareness, increasing exposure in the event of misuse, over-collection, or later data leakage.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The template instructs automatic creation of files under a user directory during daily heartbeat without any visible consent, warning, or confirmation flow. Silent filesystem writes can surprise users, create privacy issues, and normalize persistent data storage from ordinary interactions, especially when reflections may contain sensitive personal or work information.

VirusTotal

39/39 vendors flagged this skill as clean.
