ClawHub

Skill Auto Evolver

Security checks across malware telemetry and agentic risk

Overview

This is a local skill monitoring and reporting utility whose file scanning and local logging behavior matches its stated purpose, with privacy cautions for logged context and feedback.

Reasonable to install for local OpenClaw skill monitoring. Before using it, decide which skill directories it may inspect, avoid logging secrets or personal data in context, errors, feedback comments, or user IDs, review exported reports before sharing them, and remember that cleanup deletes old local usage and feedback history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly collects usage logs, response times, success rates, and user feedback, yet the documentation does not warn about privacy implications, sensitive metadata capture, retention periods, or operator responsibilities. This can lead to collection of personal or behavioral data without informed consent or appropriate handling, especially when comments or context fields contain sensitive information.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documented clear command performs historical data cleanup, but the documentation does not clearly warn that records will be deleted. Users may invoke it assuming it is a harmless maintenance action and unintentionally destroy audit, monitoring, or feedback history needed for troubleshooting or compliance.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The monitor persists arbitrary `context` and `error_message` data to the database without any minimization, redaction, or consent boundary. In an agent skill, these fields can easily contain prompts, user inputs, secrets, tokens, file paths, or system state, creating a privacy and sensitive-data retention risk if logs are later queried, leaked, or broadly accessible.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal