ClawHub

User Profile

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is transparent about building a local user profile, but it automatically records and infers personal traits into persistent workspace files without a strong consent or confirmation workflow.

Install only if you intentionally want automatic local profiling. Keep it out of synced or shared workspaces unless you are comfortable with PROFILE.md containing preferences, lifestyle details, family notes, emotional patterns, and inferred traits. Review and edit PROFILE.md regularly, and disable or avoid the skill if you want profiling to happen only after explicit save requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill is configured to run automatically on session startup and heartbeat without a narrow trigger or explicit per-run user consent. That creates a real risk of unintended invocation, causing the agent to process and persist personal data when the user did not actively request profiling.

Missing User Warnings

High
Confidence
98% confidence
Finding
The description states that the skill automatically builds and stores a user profile in workspace/PROFILE.md, but it does not present a clear warning or consent flow to the user before collecting and writing inferred personal data. Because the stored data includes inferred traits and potentially sensitive details, silent persistence materially increases privacy and trust risks.

Ssd 3

Medium
Confidence
99% confidence
Finding
The skill explicitly instructs the agent to collect, infer, and persist user preferences and personality traits across sessions, including sensitive lifestyle and family information. Persistent behavioral profiling without strong consent, minimization, and retention controls is a genuine privacy vulnerability because it creates a durable sensitive dossier that could be exposed, misused, or processed beyond user expectations.

Ssd 3

Medium
Confidence
99% confidence
Finding
This section directs the agent to immediately record user-expressed habits, emotional patterns, lifestyle details, and other personal information during conversation into memory files. Continuous background capture increases the chance of collecting sensitive data incidentally and normalizes logging beyond what the user knowingly asked to preserve.

Ssd 3

Medium
Confidence
98% confidence
Finding
The skill tells the agent to infer personality characteristics from accumulated user data and store those in PROFILE.md. Inference of traits such as values, emotional patterns, and decision style is especially risky because derived personal data can be inaccurate, sensitive, and more invasive than the original observations, yet still persisted as if factual.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal