Learning

Security checks across malware telemetry and agentic risk

Overview

This is a small Markdown-only learning preference skill that openly aims to store compact notes about how the user likes explanations.

Install this only if you want the agent to remember how you prefer to learn. Periodically review the saved preference sections and delete anything inaccurate, too broad, or more personal than you want retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The instruction to 'Support all learning contexts' is overly broad and can cause the skill to activate or retain inferred preferences in situations where it should not, including sensitive or regulated contexts. Because the skill is designed to auto-learn from user behavior, unconstrained applicability increases the chance of inappropriate profiling, persistence, or use in contexts that require explicit consent and tighter handling.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill tells the agent to detect patterns and fill preference sections, but it does not warn the user that inferred learning preferences may be stored or edited. This creates a transparency and consent problem: users may unknowingly be profiled across interactions, and those inferences could affect future responses in ways they did not authorize or expect.

Self-Modification

High
Category
Rogue Agent
Content
# Criteria for Learning Preferences

Reference only — consult when deciding whether to update SKILL.md.

## When to Add
Confidence
89% confidence
Finding
update SKILL

VirusTotal

65/65 vendors flagged this skill as clean.