Knowledge Harvester

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims: fetches Google News RSS results, summarizes them, and stores attributed summaries in local memory for retrieval.

Install only if you are comfortable with your configured topics being sent to Google News as search queries and with generated summaries being stored in persistent memory. Avoid sensitive interests in domains.md, and periodically review or prune memory/knowledge if you do not want old news influencing future answers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill invokes shell commands (`cat`, `mkdir`, `cp`, `bash`, `head`) and external scripts but does not declare corresponding permissions or clearly surface that operational capability. This creates a trust and review gap: users and policy enforcement may underestimate what the skill can do, including filesystem modification and network-enabled article fetching via helper scripts.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill writes summaries into `memory/knowledge` without an upfront warning in the skill description or an explicit confirmation step before modifying persistent user data. Even if this is intended functionality, silent writes to a long-lived memory store can cause unwanted persistence, pollution of RAG context, and accidental retention of sensitive or low-quality content.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
When no configuration exists, the skill automatically creates `memory/clawforage/domains.md`, which modifies persistent user storage without prior warning in the skill metadata. Auto-generating files in memory is risky because it normalizes unannounced state changes and may surprise users who did not intend the skill to initialize or persist configuration.

VirusTotal

VirusTotal findings are pending for this skill version.
