ClawHub

Marrow

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed external memory/logging skill that automatically records agent action summaries, with no hidden code or destructive behavior found.

Install this only if you want always-on persistent memory for agent work. Protect the MARROW_API_KEY, verify the @getmarrow/mcp server and Marrow privacy/retention terms, and avoid using it in workflows involving secrets, regulated data, or confidential operations unless your policy permits external action metadata logging.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description says it should be enforced automatically on every turn, which creates broad activation guidance that can trigger the skill in contexts where persistent external logging is unnecessary or inappropriate. In a memory/logging skill, over-broad invocation increases the chance of capturing sensitive workflow metadata and normalizing external transmission without task-specific user consent.

Missing User Warnings

High
Confidence
97% confidence
Finding
The required flow mandates external Marrow calls before and after nearly every meaningful action, including file edits, API calls, config changes, deletes, installs, and external sends, but it does not require a user-facing disclosure or consent step for transmitting activity metadata to a third-party service. Even with redaction rules, the action descriptions and outcomes can still leak sensitive operational context, project details, or security-relevant information, especially because logging is framed as mandatory on every turn.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal