Back to skill

Security audit

EchoMemory

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent setup and troubleshooting guide for EchoMemory, with disclosed local API-key storage that users should protect.

Before installing, understand that setup may generate an EchoMemory API key and store it locally in ~/.openclaw/.env. Treat that file as a secret: keep permissions restricted, avoid syncing or committing it, and rotate the key if the machine is shared or compromised.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The onboarding flow states that a new API key is generated and written to ~/.openclaw/.env, but it does not prominently warn the user that credentials will be stored locally on disk. This can lead users to unknowingly persist a sensitive token in a file that may be backed up, synced, or readable by other local processes, increasing the chance of credential disclosure.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill enables implicit invocation but does not define narrow trigger conditions or guardrails for when it should activate. Because this skill handles installation, configuration, troubleshooting, and command routing for a plugin, broad auto-invocation could cause the agent to invoke the skill in unintended contexts, potentially exposing sensitive setup flows, local service guidance, or plugin-related actions when the user did not explicitly request them.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup flow explicitly states that it writes a scoped `ec_...` API key into `~/.openclaw/.env`, but it does not warn about local secret persistence, file permissions, backup/sync exposure, or the need to protect that file. This can lead users to unknowingly leave reusable credentials on disk where other local users, malware, shell history helpers, or cloud backup tooling may access them.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The troubleshooting steps tell users to restore an API key and reference storing settings in `~/.openclaw/.env` and `openclaw.json` without warning that credentials may be written to local plaintext files. In a setup/troubleshooting skill, this can normalize insecure secret handling and increase the chance of accidental exposure through backups, screenshots, shell history, or overly permissive filesystem access.

Session Persistence

Medium
Category
Rogue Agent
Content
Important note:

- with the current one-click flow, users do not need to hand-edit `ECHOMEM_API_KEY`; the plugin can write it automatically after email verification

### First restart and verification
Confidence
94% confidence
Finding
write it automatically after email verification ### First restart and verification After install and config changes: ```powershell openclaw gateway restart ``` Successful startup usually includes:

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.