Bootstrap

Security checks across malware telemetry and agentic risk

Overview

This markdown-only onboarding skill creates a local SOUL.md profile after user confirmation; it has privacy considerations but no hidden, destructive, credential, or network behavior.

Install this only if you want a persistent local AI profile. Before confirming the generated SOUL.md, remove personal details you do not want saved and adjust the language, autonomy, and ongoing-learning wording to match your comfort level.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 93%
Finding:
The trigger phrases are broad enough to match ordinary conversation about defining or personalizing an AI, so the skill can activate when the user did not explicitly intend to enter a multi-step onboarding flow. In this skill, unintended activation can lead to unnecessary collection of personal preference and identity data, prompts to overwrite an existing `SOUL.md`, and unexpected file writes if the flow proceeds to completion.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The guide explicitly directs the agent to persist the user's chosen language into SOUL.md, which is profile data, but provides no instruction to disclose that persistence or obtain consent. In an onboarding skill centered on building a lasting identity/profile, silent storage of even seemingly low-sensitivity preferences can violate user expectations, reduce transparency, and normalize collecting additional personal attributes without notice.

Natural-Language Policy Violations

Severity: Medium
Confidence: 91%
Finding:
The template hard-codes the user's default language as mandatory and 'non-negotiable,' which removes user choice and can lock the system into persisting a potentially sensitive preference without explicit consent. Language preference can reveal nationality, ethnicity, or other personal characteristics, and making it fixed by rule increases privacy and autonomy risks in an onboarding flow focused on identity personalization.

Ssd 3

Severity: Medium
Confidence: 97%
Finding:
The Growth section instructs the AI to continuously learn the user through every conversation, infer blind spots and aspirations, anticipate needs, and proactively ask casual or personal questions. In an onboarding/identity skill, this encourages ongoing profiling beyond immediate task needs and can normalize collection of sensitive personal data without clear limits, consent boundaries, retention rules, or purpose restriction.

VirusTotal

66/66 vendors flagged this skill as clean.
