Conversation Archive

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local conversation archive, but it automatically persists private chat-derived data without enough clear consent, scoping, or implemented privacy controls.

Install only if you intentionally want persistent local conversation memory. Before enabling it, confirm exactly which sessions are archived, how to disable automatic capture, how to delete stored archives, whether redaction actually works, and whether extracted memories are reviewed before reuse.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill describes automatic archiving, indexing, and retention of session data, which clearly implies filesystem write capability, yet no permissions are declared. That creates a transparency and authorization gap: an operator or user cannot accurately assess that the skill persists conversation data, including potentially sensitive content, to disk.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The archive triggers are broad and automatic, including inactivity, compact/restart events, and scheduled forced archival. This increases the chance that full conversations are persisted without a clear user action at the time of storage, which can capture sensitive or unexpected content and create privacy and compliance risk.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill promotes preserving original conversation records and automatic archiving but does not clearly warn users that full conversation contents may be stored and retained over time. In a memory/archive context, this omission is especially dangerous because users may disclose secrets, personal data, or confidential business information under the assumption that the exchange is ephemeral.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The function persists conversation-derived content, including excerpts from user and assistant messages, to a predictable local archive under the user's home directory without any consent flow, retention notice, access control, or minimization. Archived conversation data can contain sensitive personal, business, or credential-adjacent information, so silent retention increases privacy and exposure risk if the host is shared or compromised.

VirusTotal

67/67 vendors flagged this skill as clean.
