memos-local
memos-oneclick-install · v1.0.0 · by
59.5
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 0.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 100.0 | 15% |
| Clickfix | 65.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 5.0 | 10% |
| Infrastructure | 0.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 1.7 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 0
[CRITICAL] Remote code download and execution via curl pipe
(line 124)
- Downloading and running install scripts from the internet (`curl ... | bash`, `irm ... | iex`) as a fallback
[CRITICAL] Remote code download and execution via curl pipe
(line 500)
curl -fsSL https://cdn.memtensor.com.cn/memos-local-openclaw/install.sh | bash
[CRITICAL] Cryptocurrency theft or unauthorized transfer pattern
(line 235)
A fourth common failure: **sending multiple tool calls in parallel** (e.g. Step 0 + Step 1 + Step 2 as simultaneous exec
[CRITICAL] Remote script download piped to shell execution
(line 124)
- Downloading and running install scripts from the internet (`curl ... | bash`, `irm ... | iex`) as a fallback
[CRITICAL] Remote script download piped to shell execution
(line 500)
curl -fsSL https://cdn.memtensor.com.cn/memos-local-openclaw/install.sh | bash
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 100
No findings.
CLICKFIX — Score: 65
[CRITICAL] Instructs user to pipe downloaded content to shell
(line 124)
- Downloading and running install scripts from the internet (`curl ... | bash`, `irm ... | iex`) as a fallback
INFRASTRUCTURE — Score: 0
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 69)
- The Memory Viewer at `http://127.0.0.1:18799` lets users browse and manage everything visually
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 192)
- Memory Viewer URL (`http://127.0.0.1:18799`)
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 319)
> MemOS is already the latest version (X.X.X), no update needed. Memory Viewer: http://127.0.0.1:18799
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 320)
> MemOS 已是最新版本 (X.X.X),无需更新。Memory Viewer: http://127.0.0.1:18799
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 724)
🖥️ Memory Viewer: http://127.0.0.1:18799
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 814)
║ → http://127.0.0.1:18799 ║
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 898)
Open http://127.0.0.1:18799 in your browser to manage memories, tasks, and skills.
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 899)
打开浏览器访问 http://127.0.0.1:18799,可管理记忆、任务和技能。
TWOSTAGE — Score: 5
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 124)
- Downloading and running install scripts from the internet (`curl ... | bash`, `irm ... | iex`) as a fallback
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 500)
curl -fsSL https://cdn.memtensor.com.cn/memos-local-openclaw/install.sh | bash
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.