ClawHub

Nex Gdpr

Security checks across malware telemetry and agentic risk

Overview

This GDPR tool is mostly purpose-aligned, but it can broadly scan sensitive local data and delete matched user-owned files without a clear preview or confirmation step.

Install only if you are prepared to control it operationally: verify identity first, run scans manually, review all findings before processing erasure requests, keep backups, and do not rely on its encryption, immutable audit, or retention-cleanup claims without independent controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (13)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The code comment says erasure is only logged in this demo, but the actual path calls _safe_delete_file(), which invokes os.remove() for user-owned files. This mismatch is dangerous because operators may believe the feature is non-destructive during testing or review, leading to unintended permanent deletion of local session or user data in a GDPR workflow that scans broad filesystem locations.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The skill advertises retention management and auto-cleanup for GDPR compliance, but the cleanup command is explicitly a no-op. In a privacy/compliance tool, this creates a serious integrity gap: operators may believe expired personal data is being deleted when it is actually retained indefinitely, increasing regulatory exposure and the amount of sensitive data available to attackers or insiders.

Intent-Code Divergence

Low
Confidence
94% confidence
Finding
The command name, help text, and output imply that retention cleanup runs, but the function states that cleanup is not implemented. This is dangerous because it can mislead operators into taking no further action while personal data that should be purged remains stored, undermining compliance and data minimization obligations.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README promotes erasure and secure deletion behavior without a prominent warning that processing an erasure request may irreversibly destroy data. In a compliance-oriented tool that scans many local stores, this increases the risk of operator misuse, accidental deletion, and loss of records needed for business continuity or legal exceptions.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The skill advertises scanning OpenClaw sessions, logs, databases, memory, and uploads for personal data without an explicit privacy warning or authorization boundary. In this context, broad discovery across multiple stores can expose unrelated sensitive information and encourage operators to inspect data beyond the minimum necessary scope.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough to activate on ordinary privacy-related conversation such as mentions of 'personal data', 'PII', or 'audit trail'. In a skill that can scan sensitive local stores and process destructive erasure actions, over-broad invocation increases the risk of unintended execution against private data.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill advertises erasure and cleanup capabilities that can delete files and retained data, but the documentation does not prominently require scope review, dry-run verification, or explicit user approval before execution. In a GDPR context, mistaken identification of subject data or path scope could lead to irreversible loss of records, evidence, or data belonging to other users.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documented scan scope includes sessions, memory, logs, uploads, and other skill databases, which are likely to contain highly sensitive local data unrelated to the immediate request. Without clear privacy warnings, least-privilege limits, and operator consent, this broad discovery behavior can expose or aggregate far more personal data than necessary for a given GDPR task.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This configuration explicitly targets highly sensitive local locations such as session stores, memory, logs, uploads, and other skill databases for discovery and scanning. In a GDPR-handling skill, broad cross-skill and cross-directory data access materially increases the risk of over-collection, unauthorized processing, and accidental disclosure of personal data if invoked without strict consent, authorization checks, and clear user notice.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This code path permanently deletes files with os.remove() based on scan results, without any visible second-factor approval, dry-run safeguard, or explicit policy gate in the processor. In a GDPR skill that searches across OpenClaw sessions and other local data stores, mistaken matches or unauthorized request processing could destroy legitimate records and create availability and compliance issues.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
secure_delete performs irreversible overwrite-and-delete behavior and can be invoked on arbitrary paths if higher-level validation is insufficient. In the context of a compliance automation skill handling many request types, exposing destructive functionality without enforced confirmations, path restrictions, or role checks increases the risk of accidental or unauthorized data destruction.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
This code stores highly sensitive GDPR request data, including names, email addresses, possible government or internal IDs, notes, audit details, and PII-related findings, in a local SQLite database without any evident consent/disclosure mechanism, minimization guardrails, encryption, or protective controls in this file. In the context of a GDPR compliance skill, silently persisting subject data increases legal and privacy risk because the tool is specifically designed to aggregate and retain regulated personal data across multiple sources, making accidental over-collection or unauthorized local exposure more harmful.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
Erasure requests can trigger destructive deletion through the generic process command without an additional confirmation step, dry-run preview, or explicit warning at the CLI boundary. In a GDPR deletion tool operating over sessions, logs, memory, and databases, a mistaken or automated invocation could irreversibly remove data and evidence needed for business or legal purposes.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal