ClawHub

Hmi

Security checks across malware telemetry and agentic risk

Overview

This is a simple local note-style CLI that stores, lists, removes, and exports entries on the user's machine; its privacy risks are real but disclosed and proportionate.

Install only if you want a basic local CLI tracker. Do not store secrets, credentials, or sensitive operational notes unless plaintext files under ~/.hmi are acceptable, and be aware that export creates files in the current working directory while remove permanently changes the saved local data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Low
Confidence
82% confidence
Finding
The commands are documented only as bare script invocations, without defining when they may be run, what inputs they accept, or what safety boundaries apply. In an agent setting, underspecified commands increase the chance of unintended execution, misuse of local state, or ambiguous interpretation of destructive operations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation advertises export and removal features but does not warn users that data is persistently stored and can be deleted or copied out. This omission is risky because users or agents may treat the skill as informational only, when it actually performs state modification and data disclosure operations on local stored content.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The script persistently stores arbitrary user-provided entries in a predictable location under the user's home directory without any notice, retention policy, or permission hardening. In a skill context, users may provide prompts, notes, credentials, or other sensitive operational data, creating a confidentiality risk through accidental long-term retention or local disclosure.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The export command writes all stored entries to a new file in the current working directory without any disclosure warning, confirmation, or permission controls. This can expose sensitive logged content to other local users, backups, shared directories, or accidental inclusion in source control and other workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal