storage-router

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only storage-routing skill whose external and persistent destinations are disclosed, but users should confirm before letting it save sensitive content.

Install only if you want an agent to route saved content into the listed monday.com workspace, GitHub/private memory, and local files. Confirm the monday.com IDs and repository are yours, avoid sourcing .context unless you trust its contents, and require confirmation before saving sensitive or business-critical content externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The skill instructs sourcing a local `.context` shell file, which crosses from passive documentation into operational command execution against local state. `source` executes arbitrary shell content, so if that file is modified or attacker-controlled, the agent could run unintended commands or ingest sensitive local configuration beyond simple IDs.

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger phrases are very broad and match ordinary conversation such as 'save this' or 'document this,' making accidental invocation likely. In this skill, accidental activation is meaningful because it can route content into external services or local persistence without a clear user confirmation step.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill is designed to route information across monday.com, GitHub/private repo, and local files, but it does not present a user-facing notice or consent step about where data will be stored. That increases the risk of unintentionally persisting sensitive or personal information to third-party systems or long-lived local memory.

VirusTotal

64/64 vendors flagged this skill as clean.
