Sleep Channel

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local sleep-tracking skill that stores Discord sleep-log data in workspace files, with no evidence of hidden network access or unrelated privileges.

Install only if you are comfortable keeping sleep history and Discord metadata in local workspace files. Use a dedicated sleep-tracking channel, set SLEEP_TIMEZONE explicitly, and treat correction or deletion requests as commands that can change the local log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 85%
Finding
The skill clearly relies on environment variables and file-backed state via `scripts/tracker.py`, but it does not declare explicit permissions for those capabilities. That mismatch weakens reviewability and policy enforcement because operators may not realize the skill reads environment configuration and mutates persistent tracker data under the workspace. In this context the behavior appears aligned with the skill’s stated purpose, so the issue is not covert abuse, but it is still a real security and governance problem.

Missing User Warnings

Severity: Medium
Confidence: 81%
Finding
The documented `delete-latest` action removes data with no stated confirmation step, warning, or recovery guidance. In a Discord-driven workflow, a mistaken interpretation of a user message or an accidental invocation could silently delete the most recent sleep record, undermining integrity of the log and making correction difficult if no audit trail exists. The dedicated sleep-tracking context lowers the chance of broad system harm, but it increases the likelihood of user data loss from ambiguous natural-language commands.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill exposes correction and deletion operations that mutate the sleep log immediately, with no confirmation, authorization check, or provenance validation tied to the caller. In a Discord workflow, that increases the risk of accidental or unauthorized destruction of sleep-tracking records, especially because delete_latest affects the globally latest active entry rather than the requesting user's latest entry.

VirusTotal

65/65 vendors flagged this skill as clean.