ClawHub

transcript triage

Security checks across malware telemetry and agentic risk

Overview

This transcript-triage skill appears purpose-built for organizing conversations, but it can automatically turn untrusted transcript content into persistent notes and memory entries without clear review controls.

Install only if you are comfortable with transcripts being summarized into persistent project notes and memory. Review extracted NOW items and DECISIONS before accepting them, avoid feeding sensitive or adversarial transcripts, and consider disabling or constraining automatic writes to epic-notes and memory unless you explicitly request them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases "parse conversation" and especially "organize chat" are broad enough to match normal user requests that may not be intended to invoke this skill. In a system with multiple skills or automatic routing, this can cause unintended activation on arbitrary pasted conversations, leading to processing and possible downstream note or memory updates from untrusted transcript content.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly describes bridging external AI conversations into internal workflow and logging decisions to memory, but it does not warn that transcript-derived content is untrusted and may contain prompt injection, false decisions, or sensitive data. This increases the risk that adversarial or low-quality transcript content is transformed into persistent internal notes, roadmap items, or memory entries, creating integrity and privacy issues.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal