Ontology

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local knowledge-graph memory skill with expected persistence risks but no hidden network, credential, or destructive behavior found.

Install this only if you want the agent to maintain persistent local structured memory. Avoid storing passwords, tokens, or highly sensitive content in the graph, review memory/ontology periodically, and ask the agent to confirm before creating, updating, linking, or deleting records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill explicitly instructs the agent to create and modify local workspace files under memory/ontology, but it does not declare corresponding permissions or guardrails. This mismatch can lead to unintended file writes, reduce auditability, and make it easier for the skill to be invoked with write side effects that users or the platform did not clearly authorize.

Vague Triggers

Medium
Confidence: 79%
Finding: The trigger guidance includes broad phrases like "remember" and "what do I know about," plus generic CRUD and cross-skill state access behaviors, which can cause the skill to activate in contexts where persistent memory writes or graph queries were not intended. Because this skill maintains shared structured state, accidental invocation can create incorrect records, leak contextual information across tasks, or modify memory based on ambiguous user input.

Vague Triggers

Medium
Confidence: 90%
Finding: The trigger list includes broad terms such as "知识管理" (knowledge management), "实体管理" (entity management), and "ontology", which can match ordinary user requests outside the intended skill boundary. In an agent environment, overly generic triggers can cause incorrect skill activation, unintended access to shared graph memory, or routing of unrelated requests into a stateful subsystem.

VirusTotal

66/66 vendors flagged this skill as clean.