Language Tutor Pro

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local language-tutoring skill that saves learning progress and transcripts as advertised, with privacy tradeoffs users should understand.

Install only if you are comfortable with language-practice data being saved locally, including full transcripts. Avoid discussing sensitive personal details during practice unless you accept that retention, periodically review or clear the skill's data directory, and check your OpenClaw LLM backend because conversation text may be sent to that provider during normal agent use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The README explicitly advertises persistent memory of learner weaknesses, vocabulary, and progress across sessions, but provides no visible warning in this user-facing document about what data is retained, how long it is stored, or how users can review/delete it. Because this is a conversational tutor that may collect sensitive personal, educational, or behavioral data over time, the omission creates a real privacy and informed-consent risk rather than a purely cosmetic documentation issue.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The example activation phrases are very broad natural-language requests such as 'Let's practice Spanish' and 'Teach me French'. Because they closely resemble ordinary conversation, the skill may activate unintentionally during unrelated dialogue, causing unexpected behavior or collection of user learning/session data without clear intent.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The quick commands are short, generic phrases like 'My progress', 'Vocab review', and 'Export progress' that can easily appear in normal conversation. This ambiguity increases the risk of accidental triggering of stateful operations, including exporting stored data or altering session flow when the user did not intend to invoke the skill.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The guide states that every session is saved and that the tutor remembers mistakes, vocabulary, and progress, but it does not present this as a clear privacy warning before setup. Users may enable persistent storage of potentially sensitive personal learning data without informed consent, especially since goals and conversation content may reveal private information.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill explicitly stores detailed learner profile data, weaknesses, learning history, and full conversation transcripts without any consent, retention, minimization, or privacy notice. Even if intended for personalization, this creates a real privacy and data-exposure risk because sensitive user content may be persistently retained far beyond what users expect from a tutoring interaction.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The dashboard export feature describes generating aggregate learner progress data for external presentation without warning the user that their learning history may be exported or surfaced outside the immediate tutoring flow. This increases the chance of unintended disclosure, especially when combined with persistent logs and detailed per-language performance metrics.

Ssd 3

Medium

Confidence: 97% confidence
Finding: The skill mandates storage of full conversation transcripts and detailed learner inputs across sessions, which creates a concrete data-retention risk if those files are accessed by other skills, operators, or attackers. Conversation transcripts can easily contain sensitive personal, health, travel, employment, or location information that the user may reveal during natural tutoring exchanges.

Ssd 3

Medium

Confidence: 94% confidence
Finding: The core design promises to 'remember everything' and repeatedly instructs the agent to log broad categories of learner-provided information, which is excessive relative to the educational purpose. In this context, the danger is amplified because language practice naturally elicits autobiographical free-form content, so persistent memory may accumulate much more sensitive information than a typical app profile.

Ssd 3

Medium

Confidence: 98% confidence
Finding: The post-session protocol makes transcript saving and learner-profile updates mandatory after every session, removing any chance for contextual privacy judgment or user choice. Because it is automatic and comprehensive, a single session can permanently capture sensitive disclosures and make them available to downstream exports, dashboards, or unauthorized file access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal