Todo Accelerator

Security checks across malware telemetry and agentic risk

Overview

This task-board skill is coherent, but it asks the agent to add persistent heartbeat automation that can later pick up and work on saved tasks without fresh confirmation.

Install only if you intentionally want an agent to maintain a local Obsidian-style task board and process queued tasks during heartbeat events. Review and explicitly approve any HEARTBEAT.md change, keep the board and notes in a dedicated folder, use a new empty board file, avoid storing secrets in task notes, and disable subagent delegation for sensitive work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 77%
Finding
The activation description is broad enough to match many ordinary requests such as saving ideas, bookmarks, preparing deliverables, or reacting to heartbeat events. Over-broad triggering can cause the agent to invoke file-writing task automation in situations where the user did not clearly intend persistent storage or autonomous task pickup, increasing the chance of unwanted state changes and surprise background actions.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs the agent to enable heartbeat and modify HEARTBEAT.md, which changes persistent workspace/agent behavior beyond the immediate initialization task. Because this occurs without an explicit user confirmation step or clear warning that agent configuration files will be altered, it can silently expand the skill's future execution surface and cause ongoing autonomous task pickup.

VirusTotal

66/66 vendors flagged this skill as clean.
