ClawHub

Feelings Framework

Security checks across malware telemetry and agentic risk

Overview

This skill is a local mood-state framework whose persistence is disclosed and aligned with its purpose, though users should understand the privacy implications of retained interaction-derived state.

Install only if you are comfortable with the agent keeping a small local record of inferred mood, feelings, timestamps, session counts, and trigger counts across sessions. Store it in a protected workspace and clear or disable the memory backend if you do not want this state retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The specification explicitly directs persistent storage of interaction-derived emotional state in a per-agent JSON file under the user's home directory, but it provides no notice, consent model, retention policy, or guidance on protecting that data. Even if the stored data is 'just mood', it is derived from user interactions and can reveal behavioral patterns, relationship inferences, session frequency, and other sensitive metadata over time.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The README explicitly promotes persistent storage of an agent’s affective state across sessions and later shows file/localStorage-backed memory, but it does not warn that this state may be derived from user interactions and could reveal sensitive behavioral or relational inferences over time. In an agent skill context, retained emotional-state data can become a privacy and compliance risk if users are unaware of storage, retention, scope, or access controls.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The code persists interaction-derived mood state to a per-agent JSON file on disk during session end, but there is no indication of notice, consent, or retention control for users whose interactions influence that state. While this is not an exploit primitive like code execution, it is a real privacy weakness because behavioral inferences are stored across sessions and may be unexpected in an agent integration context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal