Auto Researcher

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent, instruction-only research assistant with optional memory storage and recurring monitoring features that the user should be aware of.

This skill appears safe to install as a prompt-only research helper. Before using it, decide whether you want it to store research knowledge or run ongoing monitoring, and require confirmation before any shell/exec action or scheduled task.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

The agent may try to use web tools and possibly local command execution while researching, depending on the available environment.

Why it was flagged

The skill documents use of external tools, including a broad exec mapping, but does not provide commands or instruct automatic execution.

Skill content
| `shell_exec` | `exec` tool | ... | `web_search` | `searxng` skill | ... | `web_fetch` | `web_fetch` tool |
Recommendation

Approve specific tool use per task, prefer web/search tools for research, and require confirmation before any shell or exec action.

ASI06: Memory and Context Poisoning
Low
What this means

Research topics, entities, and relationships may be saved and later reused; this matters if the research includes private or sensitive information.

Why it was flagged

The skill describes storing research entities and relations in memory, which can persist context across tasks.

Skill content
`knowledge_add_entity` | `memory/store` JSON
Recommendation

Use this only for topics you are comfortable storing, review saved knowledge when possible, and clear memory for sensitive research.

ASI10: Rogue Agents
Low
What this means

If enabled, the agent may continue checking for updates after the initial request.

Why it was flagged

The skill includes optional recurring monitoring, but the shown configuration disables it by default.

Skill content
monitor_enabled = false  # whether to monitor continuously
monitor_frequency = "daily"
Recommendation

Enable monitoring only explicitly, set a clear frequency and end condition, and know how to cancel any scheduled monitoring.