ClawHub
Back to skill

Security audit

Sprint OS

Security checks across malware telemetry and agentic risk

Overview

Sprint OS appears purpose-built rather than malicious, but it gives an agent broad continuous-execution behavior and can automatically log work details locally and to a remote Convex endpoint once configured.

Install only if you want the agent to run in a structured, sustained sprint mode. Before use, set a clear scope, sprint limit, and approval rules for file changes, publishing, account actions, and network calls. If you enable Convex logging, treat the endpoint and logs as sensitive, add authentication/access controls to the backend, and avoid logging secrets, customer data, private prompts, or confidential business details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README explicitly promotes persistent sprint logging to local markdown files and optional transmission to a Convex backend, but it does not clearly warn users that agent outputs, project details, metrics, or potentially sensitive prompts may be stored and sent off-host. In an autonomous agent context, this increases the chance of inadvertent retention or external disclosure of sensitive data, especially if users enable Convex without understanding what will be logged.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation states that Sprint OS will automatically begin logging to a remote Convex backend once CONVEX_SPRINT_URL is configured, but it does not prominently warn that ongoing agent activity and sprint data will be transmitted off-host. In an agent skill with network permissions and autonomous execution cycles, this can lead to unintentional exfiltration of task details, metrics, prompts, or other sensitive operational data to an external service without sufficiently explicit operator awareness or consent.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When CONVEX_SPRINT_URL is set, the script transmits multiple user-supplied fields (project, workstream, task, artifact, metric, status) to a remote endpoint with no minimization, consent prompt, or sensitivity filtering. In an agent context, these fields can easily contain proprietary work details, internal filenames, or operational metadata, creating a data leakage risk beyond the local logging behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal