AgentMemory Adapter

Security checks across malware telemetry and agentic risk

Overview

This skill openly helps install and configure AgentMemory, with expected privacy and persistence risks but no hidden, unrelated, or destructive behavior found.

Install only if you want AgentMemory to persist coding-agent context across sessions. Review whether setup should be user-wide or project-local, avoid remote HTTP when using AGENTMEMORY_SECRET, keep context injection disabled unless you explicitly want it, and confirm backup and deletion behavior before enabling hooks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding
The skill clearly instructs the agent to read local reference files, inspect and modify user/repo configuration, consume environment variables, and contact a local or remote AgentMemory service over HTTP/HTTPS, but it does not declare corresponding permissions. That mismatch is a real security issue because users and policy engines may authorize the skill under incomplete assumptions, especially since it can also handle bearer secrets and rewire MCP/plugin settings.

Session Persistence

Medium
Category: Rogue Agent
Content
---
name: agentmemory-adapter
description: Install, wire, audit, and harden AgentMemory for AI coding agents and project workspaces. Use when Codex needs to adopt rohitg00/agentmemory, configure Codex or OpenClaw memory integration, create ClawHub-ready AgentMemory guidance, debug MCP/hook/plugin setup, verify memory capture, or handle edge cases such as npx stalls, sandbox localhost routing, duplicate plugin paths, stale Codex hooks, remote bearer-token security, multi-agent isolation, or missing full-tool proxy mode.
metadata:
  openclaw:
    requires:
Confidence: 69%
Finding
create ClawHub-ready AgentMemory guidance, debug MCP/hook/plugin setup, verify memory capture, or handle edge cases such as npx stalls, sandbox localhost routing, duplicate plugin paths, stale Codex h

VirusTotal

66/66 vendors flagged this skill as clean.
