Pet Companion Journal
Security checks across malware telemetry and agentic risk
Overview
The skill is a coherent local pet journal, but its helper scripts use unvalidated pet IDs in file paths, so it should be reviewed before use.
This skill does not show network sharing or credential use, and its local pet-journal purpose is clear. Before installing, be aware that it creates persistent records under ~/.pet-companion, and consider patching the helper scripts or avoiding any custom pet ID containing slashes, backslashes, or '..' so the helper scripts cannot write outside the journal folder.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted pet ID could cause the agent to create, read, or modify JSON files outside ~/.pet-companion instead of staying within the pet archive.
The script accepts a raw pet_id and concatenates it into a filesystem path without rejecting slashes, absolute paths, or '..' segments. This can let a mistaken or crafted pet ID read or write JSON files outside the intended pet journal directory.
pet_id = args.pet_id or slugify(args.name)
path = storage_root() / 'pets' / f'{pet_id}.json'
Generate pet IDs only with slugify, reject '/', '\\', absolute paths, and '..', and resolve target paths to confirm they remain under the expected pets or reminders directories before reading or writing.
Pet photos, home details, clinic notes, and care history may remain on disk and be surfaced in future journal queries or reports.
The skill persistently stores pet profiles, records, media references, and health-related notes for later retrieval. This is disclosed and purpose-aligned, but it is still sensitive local memory.
Default storage root: `~/.pet-companion/` ... `records/YYYY/MM/` ... `media/YYYY/MM/` ... `Do not share pet photos, clinic notes, or identifying details unless the user explicitly asks.`
Keep the storage folder private, avoid recording unnecessary identifying details, and delete or relocate the archive if you no longer want the agent to use it.
