tutor-buddy-pro

Security checks across malware telemetry and agentic risk

Overview

The core tutor is understandable, but the bundle mixes sensitive student progress tracking with unclear off-device dashboard sync despite local-only privacy promises.

Install only if you are comfortable with local learner progress files being created. Do not enable or build the dashboard sync path until it has explicit opt-in, a known authenticated HTTPS endpoint, data minimization, retention/deletion controls, and parent or guardian consent where appropriate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Intent-Code Divergence

Medium (94% confidence)

The README makes a strong security/privacy assurance ('your data stays on your device', 'no data exfiltration') without providing evidence in this file, while setup requires users to paste an external prompt that could materially change behavior. Unverified safety claims are risky because they may cause users to trust the skill with sensitive educational or child-related data under false assumptions.

Context-Inappropriate Capability

Medium (82% confidence)

The skill scope is tutoring, but it also references a shell script (`scripts/generate-progress-report.sh`) and HTML-to-image rendering via Playwright for progress summaries. Those extra execution and rendering surfaces are not necessary for core tutoring and can expand the attack surface, especially if any user-controlled data is later passed into shell commands, HTML templates, or browser rendering flows.

Natural-Language Policy Violations

Medium (91% confidence)

The README simultaneously promises privacy-first, on-device-only operation while advertising progress tracking, proficiency scores, and learner profiling, which typically require storing user data. Without explaining whether storage is local, optional, retained temporarily, or shareable, the document creates a misleading privacy posture that can expose sensitive student data through undisclosed persistence.

Missing User Warnings

Medium (90% confidence)

The skill markets progress tracking, weak-area identification, and child suitability, but the README does not warn users that it may store learner progress and potentially child-related educational data. In an education context, that omission is more sensitive because parents or students may provide minors' data without informed consent or understanding of storage implications.

Vague Triggers

Medium (92% confidence)

The suggested invocation phrase, "Help me with my math homework," is generic natural language that overlaps heavily with ordinary user requests. If the platform uses example phrases for routing or activation, this can cause unintended triggering of the skill during unrelated conversations, increasing the chance of inappropriate data access or unexpected behavior.

Vague Triggers

Medium (85% confidence)

The usage trigger includes broad phrases like anything related to learning, tutoring, or homework help, which can cause the skill to activate in ordinary conversation without clear user intent. Over-broad invocation increases the chance of unintended data handling, inappropriate persistence of student information, or the model entering this skill context when another safer/default behavior should apply.

Missing User Warnings

Medium (94% confidence)

The skill directs storage of quiz history and learner progress, including data that may belong to minors, without a clear user-facing notice or consent step. Silent persistence of educational performance data can create privacy and compliance risk, especially where users may not realize their interactions are being retained across sessions.

Missing User Warnings

Medium (89% confidence)

The spec describes syncing locally stored student progress data, including study sessions, quiz results, OCR'd problem text, and image references, to a web dashboard via POST /api/sync, but it does not mention consent, authentication, transport protections, data minimization, or privacy disclosures. Because the data concerns students and parents and may include educational records and submitted content, silent or poorly explained transmission to a remote service creates a real privacy and data-exposure risk.

VirusTotal

66/66 vendors flagged this skill as clean.
