ClawHub

Nm Leyline Usage Logging

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherently about local usage and audit logging; its main risk is that users could choose to record sensitive metadata in local log files.

Install this only if you want help implementing usage or audit logging. Avoid logging secrets, prompts, file contents, personal data, customer identifiers, or credentials unless you have explicit safeguards; set retention, cleanup, and file-permission rules for ~/.claude/leyline/usage before using it in sensitive projects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list contains very broad terms like 'logging', 'usage', 'audit', 'metrics', 'sessions', and 'analytics', which are common across many unrelated tasks. This can cause the skill to activate unexpectedly and inject guidance about persistent logging into contexts where it was not explicitly requested, increasing the chance of unnecessary data collection or accidental exposure of operational metadata.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill promotes persistent local storage of structured usage data, including session IDs, operations, tokens, durations, and arbitrary metadata, but does not warn users that this information will be written to disk. In a logging/audit skill, that omission is especially risky because users may unknowingly persist sensitive operational details, secrets in metadata, or behavioral traces in a predictable file path under the home directory.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal