Noverload - Knowledge Memory

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed Noverload knowledge-library integration that runs read-only by default, with some normal token and third-party MCP package risks to consider.

Install only if you trust Noverload and the `noverload-mcp` npm package. Keep `readOnly:true` unless you specifically need saving or task updates, use a revocable token, do not commit or share the token, and remember that retrieved library content may be exposed to the agent’s working context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (92% confidence)

Finding
The skill instructs users to place a personal access token directly into a local config example without explicitly warning that the token is a secret that must not be committed, shared, logged, or exposed to the agent beyond what is required for MCP execution. This creates a realistic risk of credential leakage through shell history, dotfile sync, screenshots, backups, or accidental source control commits, which could allow unauthorized access to the user's Noverload account.

Missing User Warnings

Medium (95% confidence)

Finding
The optional `readOnly:false` configuration enables persistent write operations against the user's account, but the documentation does not clearly foreground that this lets the agent alter stored content and task state. In an agentic context, even intended commands can be triggered mistakenly or through prompt manipulation, causing unauthorized or hard-to-audit modifications to the user's knowledge base.

VirusTotal

55/55 vendors flagged this skill as clean.
