ClawHub

Task Quest

Security checks across malware telemetry and agentic risk

Overview

Task Quest is a local gamification skill for task tracking, with some documentation inconsistencies users should clarify before relying on disable behavior.

Install this only in a workspace where you want smart-tasks gamified. Review the init script and integration diffs before applying them, and decide explicitly that active:false should stop all tracking if that is your expectation. To remove it later, delete task-quest/ and revert any cron, AGENTS.md, or HEARTBEAT.md changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill contains contradictory instructions about behavior while deactivated: one section says tracking continues during inactivity, while best practices say all quest-state updates stop when inactive. This inconsistency can cause unauthorized state changes, privacy surprises, and unreliable automation because an agent may continue recording user activity despite an explicit opt-out.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The document says the skill does not directly modify workspace files, but later instructs cron reconfiguration, manual edits to AGENTS.md and HEARTBEAT.md, and automatic updates to task-quest state files. This mismatch can mislead users and reviewers about the scope of changes, reducing informed consent and making unsafe configuration changes more likely.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal