ClawHub

Property Valuation

Security checks across malware telemetry and agentic risk

Overview

This skill is a locally scoped property valuation assistant with a privacy caveat around saved property memory, but no evidence of exfiltration or unsafe behavior.

Install only if you are comfortable with property details, valuation history, market notes, and preferences being saved locally under ~/property-valuation/. Avoid storing SSNs, account credentials, loan documents, or other highly sensitive records, and delete the local memory file if you want the skill to forget prior context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Description-Behavior Mismatch

Low
Confidence
89% confidence
Finding
The setup instructs the agent to persist user preferences to a local memory file even though the skill is described as a property valuation tool, not a profile-building or long-term memory feature. This creates undisclosed data retention beyond the immediate task scope, which can surprise users and expand privacy risk if preferences or related context are later reused or exposed.

Context-Inappropriate Capability

Low
Confidence
91% confidence
Finding
Persisting integration preferences to local memory is not clearly justified by the stated property valuation purpose, so the skill gains a retention capability broader than users would reasonably expect. Even if the data seems minor, unnecessary persistence increases the chance of privacy leakage, cross-session profiling, or inappropriate future activation based on stale preferences.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The template directs creation and ongoing maintenance of a persistent memory file containing contextual notes, market intelligence, analyzed properties, and user preferences, but it provides no user-facing consent flow, retention limits, or guidance to avoid storing sensitive data. In a real estate context, addresses, valuation history, and behavioral preferences can be sensitive business or personal information, so silent accumulation of this data creates privacy and data-minimization risks.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The activation prompt is broad enough to engage whenever the user mentions real estate prices or buying/selling, which overlaps with ordinary conversation and lacks meaningful boundaries. In combination with memory storage, this can cause the skill to activate unexpectedly, collect more context than needed, and steer conversations into valuation behavior without a clear opt-in.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The instruction to save user preferences to a local memory file provides no user-facing notice or disclosure, so users may not realize their preferences are being stored persistently. In a property context, conversations can easily include sensitive financial, location, and transaction details, making undisclosed persistence more concerning than a generic preference toggle.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal