Keenlycat Self Improving Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local learning-memory tool, but it automatically stores failed command context and output snippets in persistent agent memory without effective consent, redaction, or retention controls.

Install only if you are comfortable with OpenClaw keeping local persistent memory of task details and command failures. Avoid using the auto-capture wrapper around commands that may expose secrets or sensitive customer/project data, and periodically review or delete ~/.openclaw/workspace/memory/learnings.jsonl.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The script advertises itself as only capturing command errors, but on failure it also persists command context and a summary of command output to another script under the user's home directory. That mismatch can cause users to run it with sensitive commands or secrets, not realizing failure details may be stored, creating an unannounced data-retention and privacy risk.

Missing User Warnings

Medium
Confidence: 97%
Finding
When a command fails, the script automatically forwards failure context and a summary of output to another script without explicit confirmation at the point of capture. Failed command output often contains secrets, file paths, tokens, internal URLs, stack traces, or proprietary data, and the skill context makes this more dangerous because it is part of a self-improving/learning pipeline that appears designed to retain and reuse captured information.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script persists user-supplied context, issue, correction, lesson, tags, and task metadata into a long-lived file under the user's home directory without any notice, consent prompt, retention control, or data minimization. In an agent setting, these fields can easily contain sensitive prompts, task details, secrets, or personal data, creating a privacy and data-governance risk if the memory file is later read by other tools, synced, or exposed.

VirusTotal

65/65 vendors flagged this skill as clean.
