ClawHub

Nm Conserve Context Optimization

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only context-management skill with purpose-aligned guidance, but users should be careful with its checkpoint examples because they may write sensitive working state to disk.

Install only if you want an agent to use context-conservation and subagent-coordination patterns. Avoid using its checkpointing examples with secrets, credentials, private prompts, or sensitive intermediate results unless you change them to use a private per-run path, tight permissions, minimal structured state, and cleanup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Session Persistence

Medium
Category
Rogue Agent
Content
# Pattern: Externalize critical state before compaction risk
def preserve_subagent_state(progress):
    """
    Write state to files so it survives compaction.
    """
    # Write to TodoWrite for task state
    todo_state = {
Confidence
80% confidence
Finding
Write state to file

Session Persistence

Medium
Category
Rogue Agent
Content
# Pattern: Externalize critical state before compaction risk
def preserve_subagent_state(progress):
    """
    Write state to files so it survives compaction.
    """
    # Write to TodoWrite for task state
    todo_state = {
Confidence
80% confidence
Finding
Write state to files so it survives compaction. """ # Write to TodoWrite for task state todo_state = { 'completed': progress.completed_tasks, 'pending': progress.pending_ta

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal