ClawHub

Project Task Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed remote project-planning skill that persists task data, with no evidence of hidden execution, exfiltration, or destructive behavior.

Install only if you are comfortable sending project objectives, task descriptions, constraints, progress, and notes to AgentPMT, where generated task trees persist across sessions and each action may cost credits. Avoid including secrets, private credentials, wallet material, or highly confidential project details, and invoke it deliberately for project-planning work rather than ordinary uses of the word "task".

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill advertises very broad activation terms such as generic words like 'task' and 'decompose', which can cause an agent to invoke this remote service in contexts unrelated to explicit project-management intent. Because the tool is backed by persistent remote calls, accidental activation can leak user objectives, plans, or work context to an external provider and trigger unnecessary paid actions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description uses broad discovery and invocation language that encourages matching on common planning-related phrases rather than explicit tool requests. In an agent ecosystem, that increases the chance of unintended remote invocation, exposing user project details to a third-party service and causing persistence of data across sessions without deliberate consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal