ClawHub

Process Viewer

Security checks across malware telemetry and agentic risk

Overview

This is a local command-line logbook for process/sysops notes; it stores plaintext data on disk but does not show hidden, networked, destructive, or privilege-seeking behavior.

Install only if you are comfortable running a local Bash script that keeps your entries as plaintext files in your home directory. Do not enter passwords, tokens, regulated data, or confidential incident details unless you are prepared to protect, review, and delete those local logs and any export files yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill accepts arbitrary free-text and stores it persistently in plain-text files, but the description does not prominently warn users that sensitive operational data may be retained on disk. In a sysops/incident-response context, users may enter hostnames, alerts, remediation notes, or credentials by mistake, creating a local confidentiality risk if the workstation or home directory is later accessed by others.

Missing User Warnings

Low
Confidence
85% confidence
Finding
The export feature writes the complete stored dataset to JSON, CSV, or TXT files for external processing, but the documentation does not warn that this duplicates potentially sensitive logs into additional files. That increases exposure by making bulk extraction and onward sharing easier, especially in operational environments where exports may be emailed, uploaded, or left in insecure locations.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The script persistently stores arbitrary user-provided input in plain-text log files under the user's home directory without clear disclosure or retention controls. In practice, users may paste process details, hostnames, paths, secrets, or incident notes, creating a local data exposure risk if the workstation, account, backups, or exported home directory are later accessed by others.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The export feature aggregates all previously stored plain-text entries into a new file, increasing the spread and persistence of potentially sensitive data without a warning or consent checkpoint. This amplifies exposure because one command can create a consolidated artifact that is easier to copy, email, back up, or mishandle.

Ssd 3

Medium
Confidence
89% confidence
Finding
Across many commands, the tool collects arbitrary user input and retains it in plain text, then makes it searchable, viewable, and exportable. In the context of a purported system-monitoring skill, users are especially likely to enter operationally sensitive information, so the mismatch between expected telemetry collection and actual free-form data retention makes accidental secret disclosure more likely.

Session Persistence

Medium
Category
Rogue Agent
Content
**Core Operations**
- `scan <input>` — Record a process scan entry (without args: show recent scans)
- `monitor <input>` — Log a monitoring observation (without args: show recent entries)
- `report <input>` — Create a report entry (without args: show recent reports)
- `alert <input>` — Log an alert or warning (without args: show recent alerts)
- `top <input>` — Record top-process data (without args: show recent entries)
- `usage <input>` — Track resource usage (without args: show recent entries)
Confidence
90% confidence
Finding
Create a report entry (without args: show recent reports) - `alert <input>` — Log an alert or warning (without args: show recent alerts) - `top <input>` — Record top-process data (without args: show r

Session Persistence

Medium
Category
Rogue Agent
Content
- **Bash** 4.0+ with `set -euo pipefail`
- Standard Unix utilities: `date`, `wc`, `du`, `tail`, `grep`, `sed`, `cat`, `basename`
- No external dependencies, no network access required
- Write access to `~/.local/share/process-viewer/`

## When to Use
Confidence
92% confidence
Finding
Write access to `~/.local/share/process-viewer/` ## When to Use 1. **Tracking system processes over time** — Use `scan` and `monitor` to build a log of process observations for later review or trend

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal