ClawHub

Chat History Importer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it locally imports ChatGPT or Claude exports into agent memory, with no evidence of hidden network access, exfiltration, or destructive behavior.

Before installing, assume your ChatGPT or Claude export may include private conversations, secrets, client data, or regulated information. Run dry-run first, import only the files and dates you actually want remembered, confirm OPENCLAW_WORKSPACE points to the intended workspace, and redact sensitive chats before writing them into persistent memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill performs security-relevant actions—reading export files, using an environment variable to select a workspace, invoking Python via shell commands, and writing persistent memory files—without declaring corresponding permissions. That mismatch can mislead users and any permission-gating system, causing sensitive conversation data to be imported and persisted without clear upfront consent or review.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This skill encourages importing ChatGPT/Claude exports into long-lived episodic memory but does not prominently warn that these exports may contain highly sensitive personal, confidential, or regulated data. Without an explicit privacy warning and consent checkpoint, users may persist private conversations into searchable memory files and broaden exposure to other tools or future prompts.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The documentation instructs users to export and extract full conversation archives but does not warn that these archives can contain highly sensitive personal, proprietary, or credential-like content. In the context of a skill designed to ingest chat history into agent memory, this omission increases the risk of accidental over-collection, long-term retention, and secondary exposure of sensitive data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal