Bookmarks

Security checks across malware telemetry and agentic risk

Overview

This bookmark skill appears legitimate, but it needs review because it can silently aggregate private saved items from multiple connected accounts into a persistent local archive.

Install only if you are comfortable with a local searchable archive of saves from connected accounts. Before enabling imports, confirm exactly which platforms are connected, keep access limited to explicit saves, avoid importing likes or sensitive accounts unless intentional, and make sure you can pause syncing, disconnect sources, and delete ~/bookmarks/.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly says it will import saves 'silently' from connected platforms and repeatedly emphasizes background operation without user prompts. That creates a real privacy and consent risk because personal saved content from multiple services may be ingested, aggregated, and made searchable locally without a clear, informed approval step or disclosure of what data is collected.

Missing User Warnings

Low
Confidence: 87%
Finding
The skill specifies creation of '~/bookmarks/' in the user's home directory but does not warn the user that local files will be written there. While less severe than covert data collection, undisclosed filesystem writes can surprise users, expose sensitive bookmark metadata to other local processes or backups, and violate expectations about where personal data is stored.

VirusTotal

66/66 vendors flagged this skill as clean.
