Story

Security checks across malware telemetry and agentic risk

Overview

This skill is an offline story note/log manager that saves user-entered text locally, with no evidence of network transfer, credential access, hidden execution, or destructive behavior.

Install only if you are comfortable with drafts, prompts, schedules, and edits being saved on your machine under ~/.local/share/story and appearing in recent/history/search/export output. Avoid entering secrets or highly sensitive unpublished material unless local retention is acceptable, and delete that directory if you want to clear stored history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 97%
Finding
The script automatically stores all user-supplied story content and activity history under a persistent directory in the user’s home folder without any explicit notice, consent flow, retention limit, or permission hardening. Because creative drafts, edits, and schedules may contain sensitive or unpublished material, this creates a privacy and confidentiality risk if the host is shared, backed up, or later accessed by other local processes/users.

Ssd 3

Medium
Confidence: 96%
Finding
The tool not only stores user-provided content but also makes bulk re-exposure easy through recent/history views and export functionality, increasing the chance that sensitive drafts, schedules, or embedded secrets are disclosed unintentionally. In the context of a writing skill, users are likely to paste proprietary manuscripts, planned publication dates, or personal text, so silent retention and replay materially increases exposure risk.

VirusTotal

57/57 vendors flagged this skill as clean.
