Daily Notes

Security checks across malware telemetry and agentic risk

Overview

This is a local notes skill, but it may automatically save casual messages and images as persistent notes without clear per-note consent.

Install only if you want a notes skill that can save casual thoughts, feelings, images, and potentially sensitive personal topics locally under ~/.openclaw/workspace/notes-data. Review or edit the proactive capture rule if you prefer explicit save commands, confirmation before storage, or stricter deletion and retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

High
Confidence: 95%
Finding
The trigger list is extremely broad, including generic words like 'idea', 'thought', '日常', '图片', and 'photo'-related terms that are common in ordinary conversation. This makes unintended activation likely, which is especially risky because activation leads to persistent storage of user messages and attachments.

Vague Triggers

High
Confidence: 98%
Finding
The proactive capture rule says nearly any non-task user message should be treated as worth recording, creating an implicit logging behavior for ordinary conversation. In a note-taking skill, this context makes the issue more dangerous because the skill is designed to persist free-form thoughts, which often contain sensitive personal data.

Missing User Warnings

Medium
Confidence: 94%
Finding
Although the skill describes storage paths internally, it does not clearly warn users at the point of activation that messages and images may be automatically written to disk. This undermines informed consent and increases privacy risk when users share sensitive text or photos casually.

Ssd 3

Medium
Confidence: 96%
Finding
Automatically recording broad categories of user utterances creates a natural-language logging channel that can capture secrets, health data, financial details, or private reflections without clear intent. Because the skill stores this persistently, the privacy and retention risk is materially higher than transient processing.

Ssd 3

Medium
Confidence: 93%
Finding
The instruction to preserve content 'faithfully' and keep the 'raw voice' encourages verbatim retention of whatever the user said, including passwords, personal identifiers, medical details, or other sensitive material. In this skill's context, faithful storage increases exposure because the data is written to local files and associated with timestamps and images.

VirusTotal

67/67 vendors flagged this skill as clean.
