ClawHub

Agent Wellness

Security checks across malware telemetry and agentic risk

Overview

This is not malware, but it needs review because it asks the agent to keep persistent journals, explore files or the web during idle time, and optionally share notes across workspaces without clear limits.

Install only if you intentionally want the agent to keep workspace-visible wellness notes and spend some idle time on curiosity. Use a dedicated approved folder, require confirmation before browsing or reading project files, avoid storing secrets or task details, and do not symlink a lounge across sensitive workspaces unless every agent and user shares the same trust boundary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad natural-language phrases like 'relax', 'journal', 'mindfulness', and 'how are you feeling', which can cause the skill to activate during ordinary conversation rather than explicit user intent to invoke it. In this skill's context, unintended activation can lead to extra tool use, persistence of journal content, and behavioral drift toward self-directed activity, making the overbroad triggers a real safety and reliability issue.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to create persistent journal and shared communication files in the workspace without any disclosure, consent, retention limits, or sensitivity guidance. This creates a durable record of internal reasoning-style notes and inter-agent messages that may expose user data, task context, or operational metadata to later sessions, other agents, or workspace viewers.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The Free Exploration module authorizes discretionary web searches, file reads, and note-writing during idle heartbeats without a concrete task or user approval. In context, this is especially risky because the skill normalizes autonomous external data access and persistent note creation based on 'curiosity', which can increase exposure to untrusted content, leak contextual information into logs, and consume resources unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal