团队任务管家

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed team task-management skill that stores local task files and sends reminders as part of its stated purpose.

Install this only where persistent team task files, task history, exports, and teammate reminders are acceptable. Add a confirmation step for ambiguous natural-language requests and make sure workspace file permissions, member identity mapping, export access, and retention expectations fit your team.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list includes broad everyday phrases such as “记下” (“note it down”), “提醒我” (“remind me”), and “帮我跟进” (“help me follow up”), which can cause the skill to activate on ordinary conversation that was not intended to create or manage persisted tasks. In this skill, unintended activation is more dangerous because it immediately writes task data to disk and may notify assignees, turning conversational ambiguity into unauthorized persistence and messaging side effects.

Vague Triggers

Medium
Confidence: 85%
Finding
The document says natural-language task expressions should be recognized directly, but it does not define confidence thresholds, required fields, or when the agent must ask for clarification. Because this skill stores tasks durably and can trigger notifications, vague NL recognition can misclassify free-form chat as task creation, causing accidental records, incorrect assignees, or reminder spam.

Missing User Warnings

Medium
Confidence: 82%
Finding
The skill explicitly persists task metadata including names, IDs, comments, source conversation identifiers, and exportable history, but the document does not clearly warn about retention, backup, export, and privacy implications. This increases the risk that users or integrators enable the skill without understanding that team data will be stored on disk, backed up, archived, and exportable, potentially exposing sensitive operational information.

VirusTotal

64/64 vendors flagged this skill as clean.