worktracker

Security checks across malware telemetry and agentic risk

Overview

WorkTracker mostly behaves like a local work-log tool, but it needs review because it persistently stores potentially sensitive work details while claiming security controls the code does not implement.

Install only if you want agents to keep a persistent local record of work activity. Treat logs, backups, and exports as plaintext; avoid recording secrets, customer data, credentials, or sensitive incident details. Do not rely on the documented encryption, access-control, or audit-log claims unless the publisher adds verifiable implementation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation clearly indicates local file read/write behavior through configurable log and status paths, backups, export, restore, and repair operations, yet no corresponding permissions are declared. This creates a trust and enforcement gap: a user or platform may assume the skill is low-risk while it can modify local files, increasing the chance of unintended file access or overwrite if paths are misused.

Vague Triggers

Medium
Confidence: 94%
Finding: The trigger list includes broad, common phrases such as "work tracker" and "work log," plus generic Chinese equivalents, which increases the chance of accidental invocation during normal conversation. In an agent environment, unintended activation can cause the skill to capture or act on user/project context unexpectedly, creating reliability and potential privacy issues even if the skill itself is not overtly harmful.

Missing User Warnings

Medium
Confidence: 86%
Finding: The manual instructs users to export work data and view team-wide status/logs without warning about sensitivity, access control, or appropriate sharing boundaries. In a work-tracking system, exported JSON/CSV and centralized logs may contain employee identities, task content, operational details, or incident notes, which can lead to unintended data exposure if users handle them casually.

VirusTotal

66/66 vendors flagged this skill as clean.
