ClawHub

Signal Dreaming

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed memory-consolidation workflow that reads and updates memory files, with some invocation and automation caution but no artifact-backed malicious behavior.

Install this only if you want an agent to maintain persistent workspace memory. Prefer explicit invocations, review the planned files before the write phases, and be careful enabling daily cron automation in workspaces whose memory logs may contain sensitive personal, business, or credential-adjacent information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
79% confidence
Finding
The skill advertises very broad natural-language trigger phrases such as 'run a dream consolidation' and especially the casual multilingual shortcut, which increases the chance of accidental invocation during ordinary conversation. Because this skill performs file reads and writes to persistent memory artifacts, unintended activation could modify memory state, create files, or rewrite summaries without deliberate user consent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The protocol explicitly instructs the agent to append to logs, rewrite MEMORY.md, create backups, and use shell execution (`exec`) to modify files, but it does not present a clear user-facing warning or consent checkpoint before these impactful operations. In an automated skill, this can lead to unexpected workspace changes, data retention in backups, and accidental modification of sensitive memory files without the operator fully understanding the side effects.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal