ClawHub

TimeMachine

Security checks across malware telemetry and agentic risk

Overview

This backup skill is coherent but needs review because it can copy and persist secrets without showing the promised encryption in code.

Review before installing. Treat every snapshot as sensitive because it may contain API keys, credentials, environment variables, skills, configs, memory, and private workspace files. Prefer a version that excludes secrets by default or implements real encrypted storage, explicit file previews, and tighter restore scoping.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases are overly generic for a high-impact skill that can create, list, delete, and roll back backups. In a natural-language routing system, phrases like "create backup" or "show backups" can be invoked unintentionally by ordinary conversation, causing the skill to run when the user did not clearly intend snapshot or restore operations.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly includes `credentials/*` and `.env` in backups but does not warn the user about copying secrets into snapshot storage or explain how those backups are protected. Even if credentials are described as encrypted, the encryption model, key handling, and access controls are unspecified, so backups may become a concentrated source of secrets exposure during storage, listing, rollback, or transfer.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script explicitly backs up sensitive material including 'credentials' and '.env' into snapshot storage without any warning, opt-in, or protection mechanism. This increases the chance that secrets are duplicated into less protected locations, retained longer than intended, or exposed through later backup sharing, local compromise, or accidental disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal