Onboarding

Security checks across malware telemetry and agentic risk

Overview

This onboarding skill is a plain markdown workflow that interviews the user and creates local profile and memory files, with privacy considerations but no hidden execution or exfiltration evidence.

Install this only in a workspace where you are comfortable keeping personal profile details in local plaintext markdown files. Review SOUL.md, USER.md, IDENTITY.md, AGENTS.md, and MEMORY.md after creation, redact anything sensitive, and use an explicit setup command rather than relying on broad trigger phrases like 'who are you'.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Low
Confidence: 82%
Finding
The skill instructs silent runtime, OS, timezone, and PATH probing before clear user consent, even though the main function is a conversational onboarding flow. This collects host/environment metadata that is not strictly necessary for initial identity capture and could normalize unnecessary reconnaissance behavior in an agent with filesystem and shell access.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger conditions include broad everyday language such as 'who are you,' which could invoke onboarding unexpectedly during unrelated conversation. In context, unexpected invocation is more dangerous because the skill writes persistent identity and memory files containing personal data and establishes future agent behavior.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill is designed to collect personal details and write them into multiple persistent files, but the upfront metadata does not clearly warn the user about data collection, storage, and file creation. This weakens informed consent and could lead users to disclose sensitive information without realizing it will be retained as long-term agent memory.

VirusTotal

54/54 vendors flagged this skill as clean.