Nag

Security checks across malware telemetry and agentic risk

Overview

This is a local reminder skill whose persistence is disclosed and aligned with its purpose, but users should set clear limits to avoid unwanted repeated prompts.

Install this only if you want an agent to persistently remind you via heartbeat until you acknowledge tasks. Review or set reminder frequency, stop conditions, quiet hours, and where nag-config.json and memory/nag-state.json will be stored before enabling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (84% confidence)
Finding
The README describes the skill as a reminder system that 'won't shut up until you confirm' and 'keeps bugging you' without clearly defining invocation boundaries, stop conditions, or safeguards against accidental activation. In an agentic environment, ambiguous activation semantics can lead to repeated unsolicited user-facing actions, which may cause harassment-like behavior, notification spam, or misuse in contexts where persistence is inappropriate.

Missing User Warnings

Medium (91% confidence)
Finding
The README promotes persistent escalating reminders but does not warn operators about disruption, repeated notifications, or the risk of over-notifying users. Because the skill is explicitly designed to continue messaging until acknowledgment, lack of usage warnings and rate-limiting guidance increases the chance of abusive, disruptive, or socially coercive deployments.

Missing User Warnings

Low (85% confidence)
Finding
The skill instructs the agent to create and modify workspace files (`memory/nag-state.json` and `nag-config.json`) without explicitly requiring user awareness or consent for persistent file changes. This can lead to unintended stateful modifications in the user workspace, especially if invoked implicitly or by a loosely matched request.

VirusTotal

64/64 vendors flagged this skill as clean.
