Taste

Security checks across malware telemetry and agentic risk

Overview

This skill is a local taste-learning helper that stores user feedback for its stated purpose, with no evidence of malware, exfiltration, or hidden execution.

Before installing, understand that this skill may save your feedback and aesthetic preferences in ~/taste/. Avoid sharing sensitive personal details or private creative work unless you are comfortable with local retention, and periodically review or delete the saved notes if you no longer want them reused.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly directs the agent to persist user corrections, preferences, and derived patterns under `~/taste/` without any notice, consent flow, minimization guidance, or retention limits. This creates a real privacy and data-governance risk because user feedback may contain sensitive personal preferences, private creative material, or identifying information that gets silently written to disk and reused later.

Ssd 3

Medium
Confidence: 91%
Finding
The instruction to "record everything" from user corrections encourages broad, indefinite retention of potentially sensitive user-provided preferences, examples, and contextual details without any minimization or consent boundary. In a learning skill, this can lead to unnecessary collection of personal data and persistence of information that is not required for the immediate task, increasing privacy and compliance risk if logs, memories, or downstream systems are accessed or reused.

VirusTotal

61/61 vendors flagged this skill as clean.
