Agent Longevity

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local toolkit for long-running agent memory, logging, and output audits, with no evidence of hidden execution, network exfiltration, or destructive behavior.

Install only if you want local helpers and guidance for long-running agent memory and audits. Configure AGENT_DATA_DIR to a folder you control, review or delete generated JSONL logs as needed, and do not put API keys, passwords, or sensitive personal data into memory files or decision reasoning fields.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Tainted flow: 'LOG_FILE' from os.environ.get (line 21, credential/environment) → open (file write)

Medium
Category: Data Flow
Content:
}
    if extra:
        entry["metadata"]["extra"] = extra
    with open(LOG_FILE, "a", encoding="utf-8") as f:
        f.write(json.dumps(entry, ensure_ascii=False) + "\n")
    return entry
Confidence: 90%
Finding: with open(LOG_FILE, "a", encoding="utf-8") as f:

Lp3

Medium
Category: MCP Least Privilege
Confidence: 83%
Finding: The skill references executable scripts and describes file-based memory management and logging, which implies read/write access and possibly environment usage, yet no permissions are declared. In a long-running autonomous-agent context, undeclared capabilities reduce operator visibility and can enable unintended file access, persistent state changes, or execution assumptions without informed consent.

Vague Triggers

Medium
Confidence: 77%
Finding: The trigger conditions are broad enough to match ordinary discussions about agents, autonomy, memory, bias, or output quality, which can cause the skill to activate outside narrowly intended scenarios. Because this skill promotes autonomous long-running behavior and self-managed memory/logging, accidental invocation increases the chance of unnecessary persistence-oriented guidance being applied in benign chats or unsuitable environments.

VirusTotal

65/65 vendors flagged this skill as clean.
