ClawHub

Algernon Texto

Security checks across malware telemetry and agentic risk

Overview

This guided-reading skill has disclosed, purpose-aligned study features, with some persistence and Notion-export behavior users should understand before use.

Install this if you want OpenAlgernon guided reading with generated study cards. Before use, be aware that completed sessions can be logged locally and, if NOTION_PAGE_ID and notion-cli are configured, study content can be appended to Notion; unset that configuration or use a dedicated page if you do not want external persistence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill presents itself as a block-by-block reading mode, but it also performs additional actions: generating study cards and persisting session output to Notion and local memory logs. This expands the skill from passive content delivery into data processing and external/persistent writes, increasing privacy and data-governance risk if users are not clearly informed and do not explicitly consent.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The optional Notion write capability sends derived session content to an external service, which is beyond the core reading-mode purpose and is not prominently disclosed in the skill description. Even if gated on environment variables, it can exfiltrate user-derived notes or study content to a third-party system without sufficiently explicit user awareness at runtime.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
Appending a summary to a persistent conversation memory log creates local data retention that exceeds a reading-only interaction and may capture sensitive study interests or session metadata. Because this persistence is silent and not clearly surfaced to the user, it introduces privacy and retention risks even though the write is local rather than remote.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description does not warn users that session-derived content may be saved to Notion or to local memory logs. This omission undermines informed consent and makes otherwise optional persistence/export behavior more dangerous, because users may reasonably assume the skill only displays text block by block.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal