Self Improving Agent

Security checks across malware telemetry and agentic risk

Overview

The skill is local and purpose-aligned, but it encourages automatically turning raw errors and corrections into persistent agent rules without enough redaction or approval controls.

Install only if you want a local agent-learning helper and can control what it receives. Redact secrets, tokens, personal data, customer content, and untrusted instructions before logging events, and review every suggested_rule before adding it to memory, configuration, databases, or multiple agents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Ssd 3

Medium
Confidence: 91%
Finding
The examples explicitly show passing raw `previous_attempt` and `corrected_output` into the skill and then adding the resulting rule to agent memory. If those fields contain sensitive user data, secrets, regulated content, or prompt-injected instructions, the skill can transform and persist that content into long-lived memory or downstream systems, increasing exposure and risk of later leakage or unsafe behavior.

Ssd 3

Medium
Confidence: 94%
Finding
The batch-processing guidance encourages accumulating a day-long in-memory or database-backed log of errors and corrections, including raw previous and corrected outputs. This normalizes broad retention of potentially sensitive interaction content, increasing the blast radius of compromise and creating opportunities for privacy violations, data leakage, and training/memory poisoning from untrusted user-supplied text.

Ssd 3

Medium
Confidence: 89%
Finding
The documentation recommends storing returned entries and feeding historical context back into future calls, which promotes long-term retention and reuse of potentially sensitive interaction data. In an agent setting, that is especially risky because historical data may contain secrets, personal data, proprietary prompts, or adversarial content that can later influence model behavior or be exposed through retrieval.

VirusTotal

66/66 vendors flagged this skill as clean.