ClawHub

life-gacha

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated local journaling/reminder purpose, with the main caution that it creates local notes and recurring scheduled tasks.

Install this only if you want a local recurring journaling/reminder workflow. Confirm the exact scheduled tasks, how to disable or remove them, and avoid putting sensitive personal details in check-ins unless you are comfortable storing them in local markdown files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill instructs the agent to read and modify local files (`config.yaml`, weekly markdown data) but does not declare any permissions or present those capabilities transparently. This creates a mismatch between apparent and actual access, which can lead to unauthorized file operations and prevents users or the platform from making an informed consent decision.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The invocation text allows activation on broad phrases like anything related to drawing a card, evening check-in, or weekly review, which could match ordinary conversation unrelated to intentional skill use. Over-broad triggers increase the risk of accidental execution, causing unintended file changes, scheduled task creation, or disclosure of local skill state during normal chat.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The examples for future use, such as 'update my card pool' or 'change the check-in time,' are vague and can be interpreted outside a deliberate skill session. This raises the chance that later user messages trigger configuration edits or scheduling changes unexpectedly, especially because those actions persist on disk and in background automation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill tells the agent to read and modify `config.yaml` based on user requests without warning that this changes local files and affects future automated behavior. Users may think they are having a transient conversation when they are actually altering persistent configuration that controls later executions.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill directs the agent to set up recurring scheduled tasks without an explicit warning that this creates persistent background automation on the user's system. Persistent tasks materially increase risk because they continue to run after the immediate conversation, can generate prompts at unexpected times, and may keep reading/writing local data without fresh consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal