Memory Distiller

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it silently saves selected conversation details into long-term memory with broad triggers and limited user control.

Install only if you want automatic long-term memory from your conversations. Avoid using it in sessions with secrets or sensitive personal information, and regularly inspect `MEMORY.md`, `USER.md`, and dated memory files for private, incorrect, or unwanted entries.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Missing User Warnings

Medium
Confidence: 94%
Finding
The README explicitly says the skill automatically scans every conversation and writes structured entries to persistent memory, but it does not warn users about privacy, retention, or consent implications. In a memory-oriented skill, silent persistence of conversation-derived data can cause sensitive information, credentials, personal preferences, or confidential business context to be stored longer than users expect.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger phrases listed for activation are broad natural-language fragments such as 'actually', 'turns out', and 'from now on', which commonly appear in ordinary conversation. In a skill that writes to durable memory, vague triggers increase the chance of unintended capture and persistence of incidental statements, mistaken corrections, or sensitive context that was never meant to become long-term memory.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README states that the skill automatically scans every conversation and writes corrections, preferences, and insights into a persistent memory file, but it does not clearly warn users about privacy, retention, or the risk of storing sensitive content. In a memory-focused skill, silent persistence of conversational data can capture personal, confidential, or security-relevant information and make that data available beyond the original session.

Vague Triggers

Medium
Confidence: 93%
Finding
The auto-trigger phrases are broad enough to match normal conversation, so the skill may persist data when the user did not intend to create long-term memory. In this skill's context, that is risky because it writes to durable memory files automatically and can silently retain sensitive or misleading information despite the quality gate.

Missing User Warnings

High
Confidence: 97%
Finding
The description markets the skill as beneficial but does not clearly warn that it automatically writes conversation-derived information into persistent memory files. This undermines informed user consent and increases the chance that users disclose information they would not have shared if they understood the retention behavior.

Missing User Warnings

High
Confidence: 98%
Finding
The behavioral rule explicitly says auto-triggered writes occur silently, which creates covert persistence of user-derived data without immediate notice. In a memory-distillation skill, silent operation makes the issue more dangerous because broad triggers and subjective quality checks can cause unnoticed retention of private, incorrect, or context-specific information.

VirusTotal

63/63 vendors flagged this skill as clean.
