ClawHub

Claw History

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent audit-history helper, but it can reveal sensitive past session, memory, and command-log details when used.

Install this only if you want the agent to produce broad accountability timelines. Before running it or enabling the recommended logging hooks, consider whether local memory files, prior sessions, sub-agent records, or command logs may contain secrets, private user content, internal paths, or sensitive operational details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Ssd 3

Medium
Confidence
93% confidence
Finding
This skill is explicitly designed to reconstruct and disclose a full lifetime history using memory, session history, and tool logs. That creates a real data-exposure risk because those sources can contain sensitive user content, internal reasoning-adjacent traces, operational metadata, or information from other sessions that should not be broadly surfaced on demand.

Ssd 3

High
Confidence
98% confidence
Finding
The required data-source order instructs the agent to aggregate information from long-term memory, session inventory, sub-agent sessions, and current conversation/tool logs. This is dangerous because it encourages cross-context data aggregation and disclosure, potentially exposing sensitive information beyond the user's need-to-know scope or original access boundary.

Ssd 3

Medium
Confidence
95% confidence
Finding
The output format requires 'all actions' and source pointers, which increases the chance of revealing sensitive historical details, internal file paths, record locations, or references that make further data extraction easier. Even when the underlying data is partially legitimate to summarize, exposing exhaustive action logs and precise pointers materially increases disclosure risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal