ClawHub

Live Evo: Online Evolution with verified experiences

Security checks across malware telemetry and agentic risk

Overview

This memory skill is coherent and not malicious, but it needs review because it persistently saves and reuses task details without clear opt-in, redaction, retention, or deletion controls.

Install only if you are comfortable with a local cross-task memory database. Avoid using it with secrets, credentials, personal data, regulated information, or proprietary code unless you manually sanitize what gets stored. Review ~/.live-evo periodically and remove stored experiences you do not want reused later.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The invocation description is broad enough to match very common task categories like coding, analysis, and predictions, which increases the chance the skill is triggered in contexts where persistent memory is unnecessary or inappropriate. Because the skill performs retrieval and long-lived storage, over-broad activation expands the surface for accidental data capture and inappropriate influence on responses.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill states that experience data is stored persistently in `~/.live-evo/experience_db.jsonl` but does not provide a prominent user-facing warning or consent mechanism before storing task-derived content. This creates a privacy risk because users may disclose sensitive information without realizing it will be retained across sessions in a home-directory database.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The function appends experience records containing free-form question, failure reason, improvement, and missed information directly to a persistent file in the user's home directory without any consent, minimization, or redaction. In this skill context, those fields can easily contain sensitive task data, code snippets, secrets, or proprietary information, so silent long-term storage increases privacy and data exposure risk if the account or filesystem is later accessed.

Missing User Warnings

Low
Confidence
74% confidence
Finding
Persistent logging of weight update history creates an additional audit trail of user activity and task interactions without any user-facing disclosure. Although the data logged here is less sensitive than full experience contents, it still contributes to behavioral profiling and unnecessary retention, which makes the privacy risk real but comparatively limited.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to persist task questions, failure reasons, and improvements in a long-lived database without any sensitivity checks, data minimization, or scoping boundaries. In practice, this can capture secrets, proprietary code, personal data, and user feedback containing sensitive context, then make that material retrievable in future tasks.

Ssd 3

Medium
Confidence
96% confidence
Finding
These workflow steps normalize always storing task questions and feedback whenever a lesson is observed, which strongly encourages retention of user-supplied content and environment output. Since feedback may include stack traces, credentials, internal paths, customer data, or confidential business context, automatic persistence materially increases privacy and data leakage risk.

Ssd 3

Medium
Confidence
98% confidence
Finding
The principle 'When in Doubt, Store' explicitly biases the system toward over-collection, which is unsafe for a persistent memory feature handling arbitrary user tasks. In this context, the danger is amplified because the skill is broadly applicable and persistent storage occurs in a user home directory, making accidental retention of sensitive material more likely and longer-lived.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal