Morning

Security checks across malware telemetry and agentic risk

Overview

This journaling skill is purpose-aligned, but it can read personal planning data and persist journal content with too little explicit user control.

Review this skill before installing. It may be useful if you want an agent to manage daily journals and planning data, but only install it if you are comfortable with it reading personal task/project/inbox data and editing journal files. Prefer using it with explicit prompts, review generated entries before saving, and avoid sharing sensitive remarks unless you intend them to be stored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
89% confidence
Finding
The trigger phrase is a single common word, "morning," which is likely to appear in normal conversation and can unintentionally invoke the skill. Because this skill reads task/project data and writes journal files, accidental activation could expose or modify personal productivity data without deliberate user intent.

Missing User Warnings

Medium
93% confidence
Finding
The README says the skill will read tasks, projects, and inbox content and write daily journal entries, but it does not warn users that personal data will be accessed and files may be modified. In a journaling/planning context this increases the chance of users invoking the skill without understanding its scope, leading to unintended disclosure or changes to sensitive personal information.

Vague Triggers

Medium
95% confidence
Finding
The trigger phrases are overly broad for a user-invocable skill: terms like 'journal' and especially 'or similar' can match common conversational language and cause the skill to activate when the user did not clearly intend a journaling workflow. In this skill's context, unintended invocation is more dangerous because activation leads to broad reads of personal files and follow-on writes to journal/inbox content.

Missing User Warnings

Medium
93% confidence
Finding
The skill instructs the agent to update yesterday's journal automatically, including filling logs, adding reflections, and marking todos complete, but the user-facing description does not prominently warn that invocation may modify files. This creates a consent and integrity risk because users may expect reflective assistance, not silent persistence or alteration of personal records.

Missing User Warnings

High
98% confidence
Finding
The instruction to 'add it to today's journal' and 'No need to ask permission' authorizes automatic persistence of conversational content without explicit consent at the moment of capture. In a journaling skill handling sensitive personal reflections, this is especially risky because incidental remarks, emotional disclosures, or mistaken interpretations may be permanently recorded or propagated into files the user did not intend to modify.

Ssd 3

Medium
96% confidence
Finding
This section directs the skill to persist user-provided conversation content into journal files and then reuse that stored material later in morning/evening/weekly workflows, without obtaining explicit consent each time. That creates a privacy and data-minimization problem: sensitive statements can be stored, resurfaced, and influence future prompts even if the user only intended ephemeral conversation.

VirusTotal

66/66 vendors flagged this skill as clean.
