Engram — Knowledge Graphs for AI Agents

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate local knowledge-graph skill, but it encourages persistent storage of sensitive operational and people data without enough scoping or safety guidance.

Install only if you are comfortable with an agent maintaining a long-lived local knowledge graph. Avoid storing secrets, credential contents, private email details, sensitive relationship notes, or trust labels unless you explicitly intend that data to persist and potentially be reused by future agent sessions. Review the database location and be careful with export/import/delete commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The documentation explicitly recommends storing sensitive operational details such as SSH configs, credential paths, email chains, and trust levels in a persistent local knowledge graph. Even if the database is local, centralizing this information increases the blast radius of compromise, accidental disclosure, or unintended reuse by future agent sessions beyond the user’s original intent.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger condition 'any request to track relationships between entities' is overly broad and can activate the skill in many ordinary contexts, causing unnecessary persistence or graph-building when the user did not clearly ask for it. In a skill with durable storage and import/export capabilities, over-triggering materially raises the chance of collecting or modifying data outside intended scope.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill introduces persistent storage and destructive or data-moving commands like delete, import, and export without an explicit warning or confirmation model. Users or agents may unintentionally modify, remove, or exfiltrate accumulated graph data, especially across sessions where the persistence may not be obvious.

VirusTotal

64/64 vendors flagged this skill as clean.
