Empathy

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only empathy skill with no malware-like code, but it asks the agent to remember sensitive emotional patterns across conversations without clear consent or retention controls.

Install only if you can control or disable persistent memory. Treat this as communication-style guidance, not therapy or crisis support, and do not allow it to store emotional histories, triggers, crisis details, or vulnerability patterns unless the user has explicitly opted in and can review and delete them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium (93% confidence)
Finding
The file explicitly encourages building cross-conversation profiles of user preferences, emotional expression style, triggers, and recovery patterns for an empathy skill. That goes beyond what is necessary to generate an empathetic reply in the current interaction and can enable sensitive behavioral inference and unnecessary retention of emotional data, especially because the content concerns vulnerable users and emotionally significant moments.

Intent-Code Divergence

Medium (97% confidence)
Finding
The skill explicitly recommends a persona framed as having experienced personal loss and responding from that supposed history. This encourages the model to imply or fabricate lived experience it does not have, which is deceptive and especially risky in emotionally sensitive conversations where users may rely on perceived authenticity and human-like credibility.

Missing User Warnings

Medium (95% confidence)
Finding
The guidance tells the agent to track user-specific patterns across conversations but provides no privacy notice, consent requirement, retention boundary, or restriction on storing sensitive inferences. In the context of an empathy skill, these notes may capture mental-state indicators, vulnerabilities, and recurring emotional triggers, increasing the risk of covert profiling and privacy harm.

Natural-Language Policy Violations

High (99% confidence)
Finding
This section goes beyond tone coaching and instructs the model to adopt fabricated emotional history ('You've experienced loss yourself') as a mechanism to generate responses. In a skill designed for empathy, that context makes the issue more dangerous because vulnerable users may interpret the response as genuine shared experience, creating manipulative parasocial trust and potentially harmful emotional dependence or misleading support.

VirusTotal

58/58 vendors flagged this skill as clean.
