God Mode — Autonomous AI Agent Loop by TalonForge

Security checks across malware telemetry and agentic risk

Overview

This skill openly enables a persistent autonomous agent, but it gives broad recurring file-cleanup and task-execution authority without enough scoping or user approval controls.

Install only in a tightly scoped workspace where you intentionally want scheduled autonomous work. Before enabling heartbeats, restrict TASKS.md to low-risk tasks, disable or require approval for hygiene actions, protect important logs and project files, and require human approval for public posting, account actions, financial/business data changes, file deletion, dependency cleanup, and log truncation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium, 82% confidence
Finding
The skill claims that 'nothing is truly deleted' while elsewhere instructing deletion of empty directories, stale flags, log truncation, cleanup of caches, and removal of files. In an autonomous agent that runs on a heartbeat, misleading retention guarantees can cause operators to trust that recovery is always possible when some actions are actually irreversible or partially destructive.

Missing User Warnings

Medium, 94% confidence
Finding
The skill directs an autonomous agent to perform broad hygiene actions such as moving stale files, deleting directories, truncating logs, cleaning node_modules, and removing state/temp files, but does not present a strong user-facing warning, confirmation model, or scoped allowlist. Because this runs periodically without per-action approval, mistakes in file classification, timestamps, or workspace layout could lead to loss of important data, broken environments, or destruction of forensic evidence.

Missing User Warnings

Medium, 93% confidence
Finding
The hygiene section instructs the agent to archive stale files, clean completed task sections, and truncate large logs without any explicit confirmation, scoping, or recovery safeguards. In an autonomous agent context, these maintenance actions can destroy audit evidence, remove useful context, or mishandle files if paths or file selection logic are wrong.

Missing User Warnings

Medium, 95% confidence
Finding
The script writes to multiple workspace files and appends protocol instructions to HEARTBEAT.md without a single upfront summary or explicit confirmation for all modifications. In an agent skill context, silently altering control documents can change downstream agent behavior and cause a user to enable autonomous execution without fully understanding what was modified.

VirusTotal

64/64 vendors flagged this skill as clean.
