feedback-loop-fine-tuner

Security checks across malware telemetry and agentic risk

Overview

This skill is a local feedback and fine-tuning utility that does what it advertises, but users should treat its exported training data as potentially sensitive.

Install only if you intend to build feedback loops or training datasets. Do not feed it private, regulated, secret, or proprietary conversations unless you have consent and your own redaction, retention, and access-control process around exports and generated datasets.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly encourages collecting, aggregating, exporting, and converting user conversations and corrections into training data, but provides no privacy guidance, consent requirements, redaction steps, or safeguards for sensitive content. In this context, feedback loops commonly contain personal data, secrets, proprietary prompts, and full model outputs, so omitting data-handling controls creates a realistic risk of privacy leakage and unsafe reuse in fine-tuning datasets.

Missing User Warnings

Medium
Confidence: 93%
Finding
`exportFeedback` serializes raw user queries and model responses directly to JSON or CSV without any consent gate, redaction, or minimization. In a feedback/fine-tuning skill, these fields are especially likely to contain sensitive prompts, personal data, secrets, or proprietary business content, so exporting them increases the risk of privacy leakage and downstream data handling violations.

Missing User Warnings

Medium
Confidence: 96%
Finding
`generateTrainingData` repurposes raw user queries, assistant responses, and user corrections into fine-tuning datasets with no consent, filtering, or sanitization. Because this skill is specifically designed to create training corpora, any sensitive or maliciously injected content can be retained, redistributed, and learned by downstream models, creating durable privacy, compliance, and prompt-injection contamination risks.

VirusTotal

64/64 vendors flagged this skill as clean.
