ClawHub

LighterLoad

Security checks across malware telemetry and agentic risk

Overview

This is a transparent relationship-reminder skill, but it intentionally keeps sensitive local notes about family and friends and may send recurring reminders to the user.

Install only if you want an assistant to maintain ongoing local notes about your household, family, friends, and reminders. Keep details minimal, avoid storing addresses, full birth dates, account details, or sensitive medical information, grant calendar and messaging access narrowly, review any generated email/.ics content, and delete `memory/people/` plus the cron job when you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The skill claims it is 'instruction-only' and has no active capabilities, but it explicitly directs the host agent to create cron jobs, perform web searches, generate .ics files, and send messages. This mismatch can mislead users and reviewers about the real operational behavior and trust boundary of the skill, increasing the chance of uninformed consent and unsafe deployment.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The privacy section says data is 'never uploaded, never shared,' yet the skill instructs sending care nudges and .ics attachments that may contain names, birthdays, anniversaries, and relationship context. That contradiction creates a real privacy risk because personal data about third parties can be transmitted externally while users are told it remains local.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill directs the agent to send emails/messages and generate calendar files, but it does not require clear, repeated confirmation before each outbound action or calendar-affecting export. In this context, the data involves family and relationship details about real people, so silent or one-time consent is insufficient and can lead to unintended disclosure or calendar pollution.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document explicitly states that the assistant 'monitors and proactively assists' across relationship, family, health, social, financial, and parenting domains, which are all highly sensitive categories of personal data. Because the file presents ongoing tracking and inference over intimate household information without any privacy warning, consent boundary, data minimization guidance, or retention constraints, it normalizes surveillance-like behavior and increases the risk of overcollection, misuse, and privacy harm.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The onboarding trigger is broad enough that the skill may perform external searches and write structured personal planning data to memory too early or without sufficiently clear user-scoped conditions. In a household/relationship assistant, this can lead to over-collection, surprise automation, and repeated prompting beyond what the user expected, especially because the stored data is tied to location and family status.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The recurring prompt logic defines time-based nudges but not sufficient invocation boundaries, suppression rules, or checks for continued user consent. In this context, an always-on family care assistant could generate intrusive reminders, infer sensitive family patterns from stored data, and repeatedly surface planning suggestions even when the user has not opted into ongoing monitoring.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to persist detailed personal information about the user and multiple third parties, including relationship data, birthdays, ages, health considerations, preferences, and interaction history, without any explicit consent flow, minimization guardrails, retention policy, or privacy warning. This creates a meaningful privacy and safety risk because sensitive household and social-graph data can accumulate over time in local files and be exposed, misused, or retained beyond the user's expectations.

Ssd 3

Medium
Confidence
98% confidence
Finding
The onboarding flow directs broad collection and long-term persistence of highly personal information across multiple sessions, covering the user's family, friends, finances, routines, milestones, and third-party life circumstances. In the context of a household relationship-management skill, this expansive social-graph profiling is especially dangerous because it normalizes collecting sensitive data about non-users and storing it as durable memory, increasing the risk of surveillance, coercion, breach impact, and secondary misuse.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal