ClawHub

Context Resume

Security checks across malware telemetry and agentic risk

Overview

This instruction-only productivity skill reviews local development context to help resume work, with disclosed but privacy-sensitive inputs and no evidence of hidden execution or data exfiltration.

Install only if you are comfortable with the agent reviewing the current project's git state, uncommitted changes, stashes, reflog, TODO comments, test context, timestamps, and recent terminal commands. Avoid using it in repositories or shells where secrets, credentials, regulated data, or unrelated confidential work may appear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The invocation guidance is extremely broad ('every morning', after meetings, branch switches, vacations, and when resuming others' work), which encourages routine use of a skill that inspects local development artifacts such as git history, stashes, terminal activity, and file state. That increases the chance of unnecessary collection and exposure of sensitive local context, especially in repos containing secrets, incident data, proprietary work, or unrelated tasks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes collecting rich local artifacts including git state, stash contents, comments, test results, terminal commands, timestamps, and possibly cursor/bookmark state, but it does not clearly warn users that this may surface sensitive information. Without an explicit privacy warning and consent model, users may invoke it without understanding that confidential code details, secrets in comments/commands, or unrelated project context could be inspected or summarized.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal