Context Manager

Security checks across malware telemetry and agentic risk

Overview

This memory-management skill is purpose-aligned, but it should be reviewed before use: it imports code from a workspace path outside the skill bundle, and it deletes stored context immediately on loosely parsed natural-language input.

Install only if you are comfortable with a long-term local memory store and have reviewed the separate context-manager code in the workspace path it imports. Avoid storing secrets or regulated data unless you understand where files, embeddings, caches, and logs are retained, and be careful with deletion commands because the visible wrapper does not require confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Severity: Low
Confidence: 90%
Finding:
The script modifies sys.path to import a module from a writable directory under the user's home folder, which changes Python's import resolution and allows unintended or malicious code in that location to be loaded and executed. Although this appears to be a local integration test rather than an overtly malicious backdoor, loading code from a user-controlled path without validation is unsafe because compromise of that directory directly becomes code execution.
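As an added example (not code from the skill or from SkillSpector), the pattern this finding describes next to a hardened loader. The risky function pushes a user-writable directory to the front of sys.path, so any module name resolves there first. The hardened one refuses a directory that is a symlink, not owned by the current user, or group/world-writable; reads the module source once; checks its SHA-256 against a digest a reviewer pinned; and executes those same bytes, so there is no window between hashing and loading. The directory, the module name `ctx_plugin` and the digest are constructed for the demo and are not the skill's real import path.

```python
import hashlib
import os
import shutil
import stat
import sys
import tempfile
import types


def risky_import(plugin_dir: str, module_name: str):
    """The pattern the finding flags: a user-writable directory is pushed to the
    front of sys.path, so any module name resolves there before anywhere else."""
    sys.path.insert(0, plugin_dir)
    return __import__(module_name)


def check_import_dir(path: str) -> None:
    """Refuse directories that someone other than the current user could write into."""
    if os.path.islink(path):
        raise PermissionError(f"{path} is a symlink")
    st = os.stat(path)
    if not stat.S_ISDIR(st.st_mode):
        raise NotADirectoryError(path)
    if st.st_uid != os.getuid():
        raise PermissionError(f"{path} is not owned by the current user")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise PermissionError(f"{path} is group- or world-writable")


def pinned_import(plugin_dir: str, module_name: str, expected_sha256: str) -> types.ModuleType:
    """Load exactly one file, verified against a pinned digest, without touching sys.path.
    The source is read once so the bytes that are hashed are the bytes that run."""
    check_import_dir(plugin_dir)
    src = os.path.join(plugin_dir, f"{module_name}.py")
    if os.path.islink(src):
        raise PermissionError(f"{src} is a symlink")
    with open(src, "rb") as fh:
        code = fh.read()
    digest = hashlib.sha256(code).hexdigest()
    if digest != expected_sha256:
        raise ImportError(f"{src}: digest {digest} does not match pinned {expected_sha256}")
    module = types.ModuleType(module_name)
    module.__file__ = src
    exec(compile(code, src, "exec"), module.__dict__)   # not registered in sys.modules
    return module


def demo() -> dict:
    """Constructed scenario (hypothetical module name ctx_plugin): a trusted file,
    the same file after tampering, then the directory opened up to other users."""
    plugin_dir = tempfile.mkdtemp()                  # created mode 0700, owned by us
    results = {}
    try:
        src = os.path.join(plugin_dir, "ctx_plugin.py")
        with open(src, "w") as fh:
            fh.write("SCOPE = 'workspace'\n")
        with open(src, "rb") as fh:
            pinned = hashlib.sha256(fh.read()).hexdigest()   # what a reviewer would pin

        results["trusted"] = pinned_import(plugin_dir, "ctx_plugin", pinned).SCOPE

        with open(src, "a") as fh:                   # simulated tamper of the imported file
            fh.write("SCOPE = 'everything'\n")
        try:
            pinned_import(plugin_dir, "ctx_plugin", pinned)
            results["tampered"] = "loaded"
        except ImportError:
            results["tampered"] = "rejected"

        os.chmod(plugin_dir, 0o777)                  # what a loose workspace directory looks like
        try:
            check_import_dir(plugin_dir)
            results["loose_dir"] = "accepted"
        except PermissionError:
            results["loose_dir"] = "rejected"
    finally:
        shutil.rmtree(plugin_dir, ignore_errors=True)
    return results


if __name__ == "__main__":
    print(demo())
```

The ownership and mode checks are POSIX-only (os.getuid). Pinning a digest means the skill must be re-reviewed and re-pinned whenever the imported code legitimately changes, which is exactly the review step this finding says is currently missing.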

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
Agent deletion is a destructive state-changing action executed immediately from loosely parsed natural-language input, with no confirmation, preview, or undo. In an agent skill context, a mistaken parse, ambiguous prompt, or prompt-injection-induced action could permanently remove stored context and disrupt workflows.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
File deletion is also performed immediately without confirmation or safety disclosure, based on permissive natural-language parsing. Because this skill manages persistent context files, accidental or induced deletion can lead to loss of important data and undermine the integrity of the knowledge base.

VirusTotal

66/66 vendors flagged this skill as clean. A clean result here covers the scanned skill files only; it says nothing about the separately imported context-manager code, and the behavioural findings above are not the kind of issue a signature scan detects.

View on VirusTotal