PARA Second Brain

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local note-and-memory organizer, but users should be aware it encourages persistent indexing of notes and session transcripts.

This appears safe for its intended use as a local PARA knowledge system. Before installing, decide which notes and session history should be searchable, avoid symlinking broad or sensitive folders, and review the small setup script if you plan to run it.

VirusTotal

64/64 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning
Medium
What this means

Private notes or old conversation details may appear in future memory searches if they are placed in the indexed locations.

Why it was flagged

The skill explicitly recommends making local notes and past session transcripts searchable by the agent, which is core to the skill but can persist and resurface sensitive context.

Skill content
"memorySearch": { "sources": ["memory", "sessions"], ... } ... "Indexes your conversation transcripts alongside your notes."
Recommendation

Only symlink or index folders you are comfortable having the agent search, and consider exclusions or a separate workspace for sensitive material.

ASI05: Unexpected Code Execution
Low
What this means

Running the script will create files and folders in the chosen location.

Why it was flagged

The included shell script writes a directory structure and starter markdown files to a user-specified workspace. This is expected for setup and does not show destructive or hidden behavior.

Skill content
WORKSPACE="${1:-.}" ... mkdir -p "$WORKSPACE/memory" ... cat > "$WORKSPACE/MEMORY.md"
Recommendation

Run the setup script only from the intended workspace or pass an explicit workspace path you have reviewed.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Users may have less certainty about package provenance or exactly which version the manifest describes.

Why it was flagged

The manifest's name and version, and the template files it lists, do not fully match the registry metadata and the provided file manifest. This suggests stale packaging metadata rather than active malicious behavior.

Skill content
"name": "second-brain", "version": "1.0.0" ... "files": ["SKILL.md", "manifest.json", "templates/MEMORY.md.template", "templates/daily-log.md.template", "scripts/setup.sh"]
Recommendation

Treat the included files as the source of truth and verify the publisher or repository before relying on updates.