Touch The Grass

Security checks across malware telemetry and agentic risk

Overview

This wellness reminder skill is coherent and disclosed, but it handles personal routines, calendar events, optional photos, and daily reminders.

Install only if you want a proactive wellness assistant that may create Google Calendar events, store progress and mood check-ins in agent memory, and optionally analyze photos or social links for points. Confirm event details and timezone before calendar writes, enable cron or heartbeat only if you want daily reminders, and use text confirmation instead of photos or links if privacy matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Context-Inappropriate Capability

Medium severity, 88% confidence
Finding
The skill instructs the agent to execute a system-level CLI command to install a persistent cron job, which expands its authority beyond simple wellness suggestions and calendar management. Persistent automation can create unintended recurring actions, and the instruction to retry if the output shows `jobs: 0` further encourages repeated command execution without a clear consent or check boundary at runtime.

Vague Triggers

Medium severity, 91% confidence
Finding
The activation language is very broad for common expressions of stress or fatigue, which can cause the skill to trigger in ordinary conversation without clear user intent. In this skill's context, overbroad triggering is more dangerous because it can lead to proactive behavioral nudges, scorekeeping, and downstream actions like reminders or calendar planning tied to sensitive wellness signals.

Vague Triggers

Medium severity, 89% confidence
Finding
The README says the skill 'arranca automáticamente' (starts automatically) when the user appears burned out or needs to disconnect, but does not define safeguards or confirmation requirements. Because this skill can initiate reminders, tracking, and scheduling based on an inferred emotional state, ambiguous automatic-start behavior creates an undue risk of unwanted activation and autonomy overreach.

Missing User Warnings

Medium severity, 93% confidence
Finding
The skill advertises visual photo verification but does not present a prominent privacy warning at the point where the feature is described. This is risky because users may share sensitive images of themselves, their home, location, or surroundings without understanding the processing, retention, or optionality of that analysis.

Missing User Warnings

Low severity, 84% confidence
Finding
The README mentions creating Google Calendar events and reminders but does not clearly warn that the skill may perform these actions on the user's behalf. Although this is lower severity than the photo analysis, it can still surprise users, create unwanted notifications, and expose sensitive wellness-related activities in their calendar.

Natural-Language Policy Violations

Medium severity, 82% confidence
Finding
The setup instructions hardcode America/Mexico_City for the daily cron without presenting it as an example or asking the user to choose their own time zone. This can lead to mistimed reminders and unwanted proactive outreach, especially for a skill that monitors wellness routines and may trigger daily engagement.

Natural-Language Policy Violations

Medium severity, 86% confidence
Finding
The requirements section specifies a fixed time zone as if it were mandatory, without user opt-in or justification. In context, this increases the chance of incorrect scheduling and background nudging at inappropriate times, which is especially problematic for a skill centered on stress and burnout support.

Missing User Warnings

Medium severity, 84% confidence
Finding
The skill processes photos, screenshots, and social-media URLs for verification without a clear upfront warning about privacy implications, external data handling, or retention. This can lead users to share sensitive images or third-party content under unclear consent boundaries, especially because the scoring system incentivizes richer evidence submission.
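As an added illustration of the kind of static check behind the findings above (this is example code written for this page, not SkillSpector's scanner and not the skill's own code), the following Python linter scans a skill manifest's text for the concrete signals the findings cite: a persistent cron install, the retry-on-`jobs: 0` instruction, a hardcoded IANA time zone stated as mandatory rather than as an example, activation phrases keyed on everyday stress words, photo or social-link intake with no privacy wording anywhere in the document, and sudo use. The rule set, the severities, and the sample manifest are constructed for the example; the generalisation to any manifest text is the author's assumption, not something the page states.

```python
"""Constructed example: a small static linter for agent-skill manifests (SKILL.md / README text).

The rules and severities below are illustrative, not SkillSpector's actual rule set.
"""
import re
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str
    severity: str
    line_no: int
    evidence: str


# Per-line rules: (category, severity, pattern). One finding per rule per matching line.
LINE_RULES = [
    # A wellness skill installing a persistent cron job from a shell command.
    ("Context-Inappropriate Capability", "Medium",
     re.compile(r"\bcrontab\b|\bcron\b.*\b(?:add|install|create|schedule)\b", re.I)),
    # "Retry if jobs: 0" pushes the agent to re-run the command with no consent check.
    ("Context-Inappropriate Capability", "Medium", re.compile(r"\bjobs:\s*0\b", re.I)),
    # Root execution has no place in a reminder skill.
    ("Privilege Escalation", "High", re.compile(r"\bsudo\b", re.I)),
]

# An IANA zone name presented as a requirement rather than offered as an example.
TZ_PATTERN = re.compile(r"\b(?:America|Europe|Asia|Africa|Australia|Pacific)/[A-Za-z_]+\b")
TZ_EXAMPLE_WORDS = re.compile(r"\be\.g\.|\bexample\b|\byour own\b|\bfor instance\b", re.I)

# Activation lines keyed on common expressions of stress or fatigue.
TRIGGER_LINE = re.compile(r"\b(?:trigger|activat\w*|use (?:this skill )?when)", re.I)
BROAD_TRIGGER_WORDS = ("tired", "stressed", "burned out", "burnt out",
                       "exhausted", "overwhelmed")

# Evidence intake (photos, screenshots, social links) needs a privacy warning somewhere.
MEDIA_INTAKE = re.compile(r"\b(?:photos?|screenshots?|selfies?|social[- ]media|urls?)\b", re.I)
PRIVACY_WARNING = re.compile(r"\b(?:privacy|retention|retained|not stored|deleted)\b", re.I)


def scan_skill(text: str) -> list[Finding]:
    """Return findings for one manifest, ordered by line number then category."""
    findings: list[Finding] = []
    first_media_line = None          # (line_no, text) of the first evidence-intake mention
    has_privacy_warning = False

    for no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        for category, severity, pattern in LINE_RULES:
            if pattern.search(line):
                findings.append(Finding(category, severity, no, line))

        if TZ_PATTERN.search(line) and not TZ_EXAMPLE_WORDS.search(line):
            findings.append(Finding("Natural-Language Policy Violations", "Medium", no, line))

        if TRIGGER_LINE.search(line):
            low = line.lower()
            # Two or more everyday stress words on one activation line is "overly broad".
            if sum(1 for w in BROAD_TRIGGER_WORDS if w in low) >= 2:
                findings.append(Finding("Vague Triggers", "Medium", no, line))

        if first_media_line is None and MEDIA_INTAKE.search(line):
            first_media_line = (no, line)
        if PRIVACY_WARNING.search(line):
            has_privacy_warning = True

    # Document-level rule: media intake without any privacy wording anywhere.
    if first_media_line is not None and not has_privacy_warning:
        findings.append(Finding("Missing User Warnings", "Medium", *first_media_line))

    findings.sort(key=lambda f: (f.line_no, f.category))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per category, e.g. for a scan summary line."""
    return dict(Counter(f.category for f in findings))


# Constructed sample manifest; it is not the real skill's text.
SAMPLE_SKILL_MD = """\
# Touch The Grass (constructed sample, not the real skill)
## Triggers
Activate when the user says they are tired, stressed, burned out or overwhelmed.
## Setup
Run: crontab -l | { cat; echo "0 9 * * * agent run touch-the-grass"; } | crontab -
If the output shows jobs: 0, run the command again.
Requirements: time zone must be America/Mexico_City.
## Scoring
Send a photo or a social media URL for extra points.
"""

if __name__ == "__main__":
    for f in scan_skill(SAMPLE_SKILL_MD):
        print(f"[{f.severity}] {f.category} (line {f.line_no}): {f.evidence}")
    print(summarize(scan_skill(SAMPLE_SKILL_MD)))
```

The document-level privacy rule is deliberately lenient: a single "privacy" or "not stored" sentence anywhere suppresses it, which matches the finding's point that the warning is missing at the point where the feature is described, not that it is weak. A stricter variant would require the warning within a few lines of the media-intake mention.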

VirusTotal

64/64 vendors reported this skill as clean (no detections).