Kanban

Security checks across malware telemetry and agentic risk

Overview

This is a local Kanban helper that creates and maintains disclosed board, registry, memory, and log files, with no evidence of network access, credential use, or hidden code.

Install if you want an agent-maintained local Kanban system. Before using it, choose explicit-only or selected-project activation if you want tighter control, decide whether boards belong in ~/kanban/ or each workspace's .kanban/ folder, and avoid storing secrets in cards or memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The protocol instructs the agent to create `~/kanban/index.md` entries and missing board files automatically, which causes persistent filesystem writes without explicit user awareness or confirmation. In an agent setting, silent creation of files under the home directory can surprise users, modify state across sessions, and be abused by ambiguous prompts or mistaken project resolution to create or alter data in the wrong project context.

Missing User Warnings

Medium
Confidence: 91%
Finding
Automatic 'non-destructive' repair and logging still perform persistent writes to project files and `log.md` without explicit disclosure or approval. Even if intended to preserve content, repair logic can normalize or alter malformed boards in unexpected ways, and automatic logging may leak task/project metadata into persistent files the user did not knowingly authorize.

Vague Triggers

Medium
Confidence: 91%
Finding
The setup instructions allow activation based on a very broad condition ('Always when task planning appears'), which can cause the skill to engage without clear user intent and persist behavior in shared memory. In an agent system, this creates a scope/consent problem: the skill may start writing files and altering workflow state for projects where the user did not explicitly request Kanban management.

VirusTotal

63/63 vendors flagged this skill as clean.
