Habit Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a local habit tracker that stores and updates habit files on your computer, with no evidence of network access or hidden behavior.

Install only if you are comfortable with an assistant creating and updating local habit JSON files and optional Markdown review files. Avoid sensitive habit names if privacy matters, and use HABIT_DATA_DIR, --data-dir, or --output only with directories you intend the skill to read or write.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill clearly performs file writes and reads an environment variable (`HABIT_DATA_DIR`) but does not declare corresponding permissions. Undeclared capabilities are dangerous because they bypass user and platform expectations about what the skill can access or modify, especially when it can write persistent files and redirect output locations.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The documented purpose says the skill tracks habits locally, but the actual behavior also creates, archives, and writes reports to arbitrary user-supplied output paths and an Obsidian vault path. This mismatch is security-relevant because users may consent to a simple tracker while the skill can modify unrelated files or write into broader note directories, increasing the chance of unexpected file-system side effects.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The trigger list contains generic phrases such as 'habit', 'streak', 'weekly review', and 'morning routine', which can appear in ordinary conversation and unintentionally activate the skill. Unintended activation matters here because the skill can write files, add or remove habits, and generate reports, so a casual message could lead to persistent local changes.

VirusTotal

67 of 67 vendors rated this skill as clean.