ClawHub

Fulcra Tracking

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Fulcra tracking and dashboard helper, but users should opt in only to the personal data and agent-activity logging they actually want stored.

Install this only if you are comfortable using Fulcra as a datastore for chosen personal tracking data. Decline health, location, messaging, calendar, sleep, or agent-activity logging unless you specifically want those persisted, and do not enable agent visibility during work that may contain secrets or private third-party information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill instructs the agent to proactively pitch background ingestion of highly sensitive data such as health, location, and calendars, and to offer persistent logging of agent interaction details into the user's datastore. Even though the text includes privacy warnings and asks for permission, combining onboarding persuasion with requests to enable sensitive collection increases the risk of over-collection, consent fatigue, and disclosure of intimate behavioral data beyond what is necessary for intent discovery.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill directs the agent to execute a local command to retrieve an access token, expanding its capabilities beyond simple data formatting or transmission. Even though the token is intended for legitimate API use, command execution for credential retrieval increases the attack surface because a compromised or modified skill could repurpose the pattern to access other local secrets or invoke unintended tooling.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file encourages combining sensitive personal data sources such as messaging history, health/sleep signals, media consumption, and location data without any accompanying privacy, minimization, consent, or retention guidance. Even as a reference/onboarding file, this can steer the agent to propose or normalize invasive tracking patterns that expose intimate user information and create unnecessary collection risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The "Universal Agent Visibility Package" explicitly proposes that the agent automatically write summaries of its current work and context into the user's datastore. That creates a significant disclosure risk because agent context can contain sensitive prompts, user data, task details, third-party information, or secrets, and the file provides no warning about persistence, audience, redaction, or user approval.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal