ClawHub

懒人系统

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed habit check-in skill that stores simple progress state and optionally schedules reminders, with no evidence of hidden access, exfiltration, or destructive system behavior.

Before installing, make sure you actually want a daily scheduled check-in and memory-based habit tracking. Use a specific phrase when interacting with it, be careful with Reset because it clears counters, and remove the Hermes cron job and memory entry if you stop using the system.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The trigger phrase "Back" is highly ambiguous in normal conversation and could unintentionally activate the skill or resume a paused workflow when the user meant something else. In a proactive check-in skill that updates memory/state, accidental invocation can cause confusing state transitions and undesired behavioral nudges.

Vague Triggers

Medium
Confidence
98% confidence
Finding
The trigger phrase "Reset" is overly broad and may collide with ordinary user language, causing accidental execution of a destructive state reset. Because reset clears counters and progress, an unintended match can erase user history or disrupt the accountability system without clear intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documented behavior "重启系统 / all counters reset" does not indicate any warning, confirmation, or summary of consequences before destructive action. Users may invoke it casually and lose streak/history data that materially affects the skill's purpose as a tracking and accountability system.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The English interaction table exposes a destructive "Reset" command with no explicit warning or confirmation requirement. Since the skill relies on stored memory and streak tracking, silent destructive actions undermine user expectations and create avoidable data loss risk.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The trigger phrase "check in" is generic everyday language and can easily match unrelated user requests, causing the skill to activate unintentionally. In this skill, accidental activation is more concerning because the skill is designed to initiate ongoing behavioral workflows and may lead users into installing cron-based automation and persistent memory usage without clear intent.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The trigger "打卡" is extremely short and broadly used in ordinary conversation for clock-ins, status updates, and habit tracking, so it may activate the skill unintentionally. Because this skill encourages persistent tracking and automated follow-up, accidental invocation can create confusion or nudge users into an automation flow they did not explicitly request.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The installation steps direct users to create a daily cron job and store persistent behavioral data in memory, but do not clearly warn that the agent will continue proactive check-ins and retain data over time. This undermines informed consent and may surprise users with ongoing automation, especially in a skill centered on repeated monitoring of daily habits.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal