ClawHub

Piano

Security checks across malware telemetry and agentic risk

Overview

This piano-practice skill appears to keep local progress notes for its stated purpose, with no evidence of network transfer, credential access, or destructive behavior.

Install only if you are comfortable with the agent creating ~/piano/ and keeping local markdown notes about your piano practice. Avoid sharing sensitive personal details in practice updates, and delete or review that folder if you want to clear stored progress.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to create and use `~/piano/` automatically on first interaction, which introduces filesystem side effects without explicit user consent or notice. While the content is not overtly malicious and the data is low sensitivity in normal use, silently creating directories and storing practice information can violate user expectations and expose private behavioral data on shared systems.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The progress-tracking section directs the agent to log pieces, completed repertoire, and recurring issues to `~/piano/` without a privacy notice, retention limits, or consent flow. In context this is only mildly dangerous, but it still creates unnecessary privacy risk because persistent logs may reveal habits, schedules, and personal performance history to other local users or future processes.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The logging triggers are broad enough to capture ordinary conversation about practicing, struggles, or progress, which can cause the agent to solicit or store user activity more often than necessary. In a progress-tracking skill this creates unnecessary data collection risk and can feel like surveillance if logging is initiated from casual mentions rather than explicit user intent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal