ClawHub

Continuous Context Preserver

Security checks across malware telemetry and agentic risk

Overview

This skill openly saves local conversation summaries for crash recovery and cross-session memory, which is privacy-sensitive but matches its stated purpose.

Install only if you want local cross-session memory. Use the shortest retention period that works, do not log secrets, tokens, private keys, regulated data, or confidential details, and review AGENTS.md, HEARTBEAT.md, the sessions directory, cleanup.sh, and any cron entry so files are written and deleted only where you expect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs continuous logging of conversation context to disk without a clear user-facing warning that potentially sensitive prompts, decisions, and discovered information will be persistently stored. This can lead to unintentional retention of secrets, personal data, or proprietary information that users may reasonably assume remains ephemeral within a session.

Ssd 3

Medium
Confidence
92% confidence
Finding
The skill's core design is to preserve conversation content across sessions in rolling log files, creating a persistence channel for sensitive context beyond the original session boundary. Even if framed as crash recovery, this expands exposure by storing internal reasoning artifacts, user data, and operational context in files that may later be read by other processes, users, backups, or attackers with local access.

Ssd 3

Medium
Confidence
94% confidence
Finding
The session logging protocol directs the agent to append ongoing progress and important information during the live conversation, which increases the chance that transient sensitive content will be captured before it can be reviewed or sanitized. Because this happens continuously, users may not realize that intermediate decisions, identifiers, or confidential material are being accumulated on disk over time.

Ssd 3

Medium
Confidence
93% confidence
Finding
Instructions to preserve 'important information' and 'context worth preserving' are broad and subjective, encouraging the agent to save material that may include credentials, business-sensitive facts, personal data, or other high-value context. The vagueness makes over-collection likely and undermines data minimization, especially in a tool explicitly designed for cross-session recovery.

Session Persistence

Medium
Category
Rogue Agent
Content
## The Solution

Continuous session logging. Write to a file throughout the conversation, not at a trigger point.

## Setup
Confidence
90% confidence
Finding
Write to a file throughout the conversation, not at a trigger point. ## Setup **CRITICAL INITIALIZATION STEP:** Before finalizing installation, you MUST pause and ask the user for their preferred me

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal