Self-Improving Agent

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill stores correction patterns locally, in plain view, so an agent can improve over time, but users should review what gets saved.

Install only if you want persistent local agent rules. Review or approve each new RULES.md entry, keep entries general, avoid secrets or client-specific personal details, and periodically prune or delete outdated rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium (93% confidence)

Finding: The skill describes an automatic loop in which user corrections are logged to RULES.md and reused in future sessions, but it does not require explicit user notice or consent before modifying persistent files. This can lead to silent state changes, unexpected persistence of user content, and abuse in which adversarial or mistaken corrections alter future agent behavior.

Missing User Warnings

Medium (97% confidence)

Finding: The instruction to log ANY user correction to RULES.md lacks filtering for secrets, personal data, or sensitive workflow details. Because corrections may contain client names, email preferences, calendar habits, or other confidential information, this creates a persistent privacy and data-retention risk that can expose sensitive content across future sessions.

Ssd 3

Medium (98% confidence)

Finding: Persistent logging of all corrections creates a long-lived memory file that can accumulate sensitive user-provided information without safeguards, minimization, or access controls. In this skill's context the danger is increased because the feature is explicitly designed to learn from every correction over time, making privacy leakage and prompt/data poisoning more likely.

VirusTotal

66/66 vendors flagged this skill as clean.