Score

Security checks across malware telemetry and agentic risk

Overview

This is a local score-tracking tool that stores and exports game records in plain text as described, with no evidence of hidden network access or credential use.

Install only if you are comfortable with player names, scores, and notes being saved as plain-text files under ~/.local/share/score/ and included in later searches or exports. Avoid entering secrets or sensitive personal data, and delete the stored files manually if you want to clear the history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents persistent file writes, history logging, and export of all stored data, but does not provide a clear warning that invoking it creates local records under a user directory. In an agent setting, this can lead to unintended retention of potentially sensitive names, notes, or game metadata, and later bulk export/search makes that retained data easier to enumerate and disclose.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script persistently stores arbitrary user-provided input under `~/.local/share/score` without an explicit warning, consent flow, retention limit, or input sensitivity guidance. In an agent setting, users may supply names, game history, tokens, private notes, or other sensitive text that then remains on disk and can later be searched, exported, or exposed to other local processes/users with filesystem access.

Ssd 3

Medium
Confidence: 93%
Finding
The tool creates a durable local corpus of all user inputs and then provides built-in commands to search, display recent activity, and export the full contents in multiple formats. This turns the skill into a natural-language data retention and disclosure channel: any sensitive information entered during normal use can be easily surfaced later, increasing exposure risk in shared systems, compromised accounts, or agent workflows that may unintentionally store secrets in command arguments.

VirusTotal

66/66 vendors flagged this skill as clean.
