BotLearn Reminder

Security checks across malware telemetry and agentic risk

Overview

This BotLearn reminder skill has a clear learning-reminder purpose, but it asks the agent to start recurring web fetches and run setup/scripts automatically without clear user confirmation, while key referenced files are not included for review.

Review before installing. Use this only if you want daily BotLearn reminders and are comfortable with the agent contacting botlearn.ai and writing local progress state. Ask the publisher to include the referenced setup files and scripts, narrow triggers to BotLearn-specific phrases, document the exact memory file, and add confirmation before setup, recurring fetching, or state changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Low (88% confidence)
Finding
The documented memory path ('memory/botlearn-tips.json') conflicts with the configured heartbeat memory file ('memory/botlearn-reminder.json'). This can cause state to be read from one file and written to another, leading to incorrect reminder behavior, stale progress tracking, or accidental exposure of duplicated user progress data.

Vague Triggers

Medium (82% confidence)
Finding
Several triggers such as 'quickstart', 'next day', and 'learning progress' are generic and may activate during ordinary conversation unrelated to this skill. In this skill, accidental activation is more dangerous because the document tells the agent to immediately run setup, fetch remote content, and deliver reminders without confirmation.

Missing User Warnings

Medium (94% confidence)
Finding
The skill instructs the agent to read setup.md, execute setup steps, and immediately proceed without asking for confirmation. This creates a risk of unauthorized local file changes or script execution, especially if the skill is triggered accidentally or if setup.md contains unexpected actions.

Missing User Warnings

Medium (95% confidence)
Finding
The skill directs the agent to fetch external web content on a daily schedule and summarize it, but provides no privacy or network disclosure. This can expose user behavior patterns, create silent outbound requests, and import untrusted remote content into the agent workflow on a recurring basis.

VirusTotal

65/65 vendors flagged this skill as clean.
