ClawHub

情感记忆助手

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises, but it keeps local mood history and short message snippets that users should treat as sensitive.

Install only if you are comfortable with a local file storing mood history and up to 100 characters of analyzed messages. Periodically inspect or delete ~/.memory/emotions/history.json if you do not want that history retained; there is no evidence here of network sharing or malicious behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill advertises persistent emotional-history storage in `~/.memory/emotions/history.json`, which implies file read/write behavior, but it does not declare corresponding permissions. Undeclared data access reduces transparency and prevents informed review of what sensitive user data is being stored or retrieved, especially because emotional state is privacy-sensitive.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes automatic emotion detection, historical memory, and weekly reporting of user emotions without any privacy notice, consent flow, or explanation of retention/use. Emotional history is sensitive behavioral data, so collecting and storing it silently can expose intimate personal information and create meaningful privacy harm if misused or accessed by others.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill states it will proactively send care messages when negative emotion is detected and a timing condition is met, but it does not clearly warn or ask users to enable this behavior. Unsolicited proactive outreach based on inferred emotional state can feel intrusive, reveal sensitive inferences unexpectedly, and cause harm if messages appear in inappropriate contexts.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill persistently stores sensitive emotional history, matched keywords, timestamps, user IDs, and up to 100 characters of message context in a local file without any consent, notice, retention limit, or access control. Emotional state and conversation snippets are privacy-sensitive data, and if the host account, backups, or local filesystem are accessed by another party, the user’s mental state, concerns, and personal context could be exposed.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal