Openclaw User Profiler

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended to build a reusable user profile, but it may collect, infer, and persist personal details without a clear consent and review step.

Install only if you are comfortable with the agent creating a persistent personal profile about you. Before using it, confirm what fields it will store, ask to preview user.md before any write, avoid sharing sensitive personal or workplace information unless needed, and make sure you know how to edit or delete the stored profile.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium, 92% confidence
Finding
The trigger list includes broad phrases such as 'know me', 'profile me', and role statements like 'I'm an engineer', which can activate the skill during ordinary conversation rather than from an explicit request to create or update a profile. Because this skill reads and writes profile files and may steer the conversation into personal data collection, overly broad activation increases the risk of unintended data collection and file operations.

Missing User Warnings

Medium, 95% confidence
Finding
The skill instructs the agent to collect user profile information and write it into user.md, but it does not require a clear privacy notice, data minimization warning, or explicit consent before persisting personal information. In context, this is risky because the file may contain identifying details, work information, preferences, and free-form context that could be stored longer than the user expects.

Natural-Language Policy Violations

Medium, 87% confidence
Finding
The language policy automatically switches to Chinese based on message detection without asking the user, which can misclassify multilingual users or conversations and cause the agent to proceed in an unexpected language. In a profiling workflow, that can undermine informed consent, create misunderstandings about what will be stored, and reduce the user's ability to accurately review generated profile content.

Missing User Warnings

Medium, 93% confidence
Finding
The file explicitly instructs the agent to collect, infer, and persist personal profile data such as name, role, timezone, experience, goals, habits, interests, and pain points, while also encouraging inference from conversation and system information. Even though the product purpose is user profiling and skill recommendation, the absence of an explicit consent, transparency, minimization, and retention notice creates a real privacy risk because users may not realize how much personal data is being derived and stored in user.md.

VirusTotal

66/66 vendors flagged this skill as clean.
