ClawHub

Sentiment Tracker

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent local sentiment-monitoring assistant with disclosed local storage and public web access, though users should know it can save monitoring preferences for future sessions.

Install this if you are comfortable with the agent saving tracked entities, alert thresholds, reporting preferences, and scheduled monitoring settings for later use. Review ~/sentiment-analysis/ and any cron jobs if you want to change or stop monitoring, and avoid tracking topics you would not want retained in local or agent memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill tells users that all tracking data stays locally in ~/sentiment-analysis/, but later instructs the agent to save activation preferences to a separate MAIN memory shared across sessions. That creates a misleading data-handling claim and can cause user information to be stored in an additional location or context the user did not reasonably expect.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The instructions direct the agent to persist user preferences and monitoring settings to memory, but the user-facing guidance avoids clearly telling the user that information will be written to local files or shared session memory. Silent persistence of preferences increases privacy risk and undermines informed consent, especially for potentially sensitive tracking interests like brands, competitors, or crypto topics.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal