Note

Security checks across malware telemetry and agentic risk

Overview

This is a local note-taking skill that stores user-provided notes on disk and does not show network sharing, credential access, or destructive behavior.

Install this only if you want the agent to keep persistent local notes. Avoid saving secrets or sensitive personal data unless you are comfortable with it remaining in the OpenClaw workspace, and use explicit commands such as "save this note" or "search my notes" when handling sensitive topics.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill instructs the agent to read and write local files under memory/notes, but it declares no permissions. Hidden or undeclared file access weakens user/admin understanding of the skill’s actual capabilities and can bypass policy gating or review workflows that rely on explicit permission manifests. In a note-taking skill, local file access is expected, but the lack of declaration still creates a real transparency and control failure.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The manifest description uses broad natural-language activation cues like taking notes, capturing ideas, or finding previous notes, which can match ordinary conversation and trigger the skill unexpectedly. Because this skill writes persistent local data, over-broad invocation can cause unintentional storage of sensitive user content or retrieval of private notes in the wrong context.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The meeting-preparation example trigger, 'I'm meeting with Sarah tomorrow,' is ambiguous and could appear in normal conversation without a request to search or assemble notes. In a skill that aggregates prior notes about a person, this can unexpectedly expose sensitive personal or project information merely from conversational context.

VirusTotal

60/60 vendors flagged this skill as clean.
