ClawHub

Genealogy Agent

Security checks across malware telemetry and agentic risk

Overview

This genealogy skill performs the LLM extraction, web research, and local export functions it advertises, but users should treat the family data as sensitive.

Install this only if you are comfortable sending family-history text, names, dates, locations, and research queries to your chosen LLM provider and DuckDuckGo. Use a dedicated API key with limits, keep outputs in a private folder, and review or delete generated GEDCOM, Markdown, Obsidian, Mermaid, and JSONL files before syncing or sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The function sends raw genealogy text to an external LLM provider even though the skill is presented as extracting and structuring family history data, which can reasonably imply local processing to users. Genealogical narratives often contain sensitive personal and family information about living individuals, so undisclosed off-device transmission creates a real privacy and data-handling risk.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The code performs network-backed processing of genealogical text through an external model, introducing third-party data exposure that is not evident from the skill's stated purpose. In this context, the data may include names, birth dates, death dates, places, and family relationships, making silent remote processing materially more sensitive than ordinary text transformation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly advertises local graph saving and automatic generation of Obsidian vault files without warning users that the skill writes data to disk. In a genealogy context, the data being processed is highly sensitive personal and family information, so silent or poorly disclosed local writes can create privacy, retention, and accidental exposure risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README states that the skill autonomously searches external genealogy services for ancestor information but does not warn that user-supplied family data may be transmitted to third-party services. Because genealogy workflows often involve names, dates of birth, locations, and family relationships, this creates meaningful privacy and consent risks for living people and sensitive family records.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly uses external LLM providers and autonomous searches across public genealogy services, but it does not warn users that family-history text may contain highly sensitive personal or quasi-identifying data that could be transmitted to third parties. In genealogy contexts, this can expose living relatives' names, dates, locations, and family relationships, making the omission materially risky.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill describes generating a local JSONL graph, Obsidian vaults, and GEDCOM exports, but it does not warn users that sensitive genealogy data will be written to local files and derivative artifacts. Those outputs may persist, be synced by other software, or be shared accidentally, which is particularly risky for family-history datasets containing personal details across multiple generations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This script persists detailed family-history records, including names, dates, places, and notes, to a local JSONL file without any consent prompt, sensitivity warning, minimization, or protection controls. In a genealogy skill, that data can contain highly sensitive personal information about living individuals, so silent local persistence increases the risk of unintended disclosure through shared machines, synced folders, backups, or later reuse by other tools.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Raw user-supplied family history text is sent directly to an external LLM without any warning, consent, or inline disclosure. Because genealogy inputs commonly contain sensitive personal data and relationship details, users may unknowingly expose private family information to a third party.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The function sends potentially sensitive ancestor data, including names, birth dates, and birth places, to third-party services: DuckDuckGo search and an external LLM provider via LiteLLM. In a genealogy context this can expose personal or family-history data without explicit consent, notice, minimization, or controls, creating privacy, compliance, and confidentiality risks, especially when researching living or recently deceased individuals.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The manifest explicitly advertises autonomous web research using DuckDuckGo on family-history data, but it provides no warning, consent mechanism, or disclosure that user-supplied genealogical information may be sent over the network to third-party services. Because genealogy data often contains sensitive personal and familial details about living relatives, this can cause unintended privacy leakage and violate user expectations or data-handling requirements.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal