ClawHub

heartbeat-scanner

Security checks across malware telemetry and agentic risk

Overview

The skill is a local, user-driven classifier for supplied posting metrics, with privacy-sensitive profiling language but no evidence of hidden access, exfiltration, persistence, or unsafe automation.

Install only if you are comfortable with a local heuristic tool analyzing posting-pattern metrics. Use it on your own or authorized profile files, avoid putting sensitive identifiers in shared terminals or logs, and treat the classification as non-authoritative rather than proof of a person’s identity or nature.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly promotes analysis of posting timing, content, and behavioral patterns to infer a user's 'true nature,' which is privacy-sensitive behavioral profiling. Even though this file is documentation rather than executable code, it normalizes collection and inference over potentially sensitive personal data without consent language, minimization guidance, retention limits, or safety warnings, increasing misuse risk.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The skill frames itself as determining whether a subject is an 'Agent' or 'Human' from behavior patterns, which is an identity/classification inference about a person or account without any user choice, acceptable-use boundary, or governance rationale. In context, the playful wording ('your true nature') can make a consequential profiling feature seem harmless, which may encourage non-consensual use on others and overreliance on weak signals.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The scanner prints the supplied file path and extracted profile attributes such as agent name, posting counts, time span, and scores directly to stdout without any consent gate, masking, or quiet-by-default behavior. In shared terminals, logs, CI pipelines, or agent environments, this can leak potentially sensitive profile metadata to unintended observers or persistent logging systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal