ClawHub

Obsidian Ontology Sync

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for local Obsidian-to-ontology syncing, but it can continuously extract and persist sensitive personal note content with limited disclosed privacy controls.

Install only if you are comfortable with your selected Obsidian vault being scanned and transformed into persistent ontology data. Configure narrow vault/output paths, exclude private folders where possible, review generated graph and feedback files, and avoid enabling cron until you have confirmed what will be scanned and how to disable it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README promotes automatic scheduled syncing of personal Obsidian notes into generated ontology and feedback files, but it does not warn users that sensitive note content may be continuously ingested, transformed, and duplicated into new locations. In a PKM context, this increases the chance of privacy leakage, over-collection, and unintended retention because users may enable cron-based automation without understanding the scope of data processing.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill is designed to extract and centralize highly sensitive data from personal knowledge notes, including contact details, project assignments, behavioral patterns, and business intelligence, but the description lacks a prominent privacy warning. This is dangerous because users may not appreciate that free-form notes are being transformed into a machine-queryable graph, which increases discoverability, persistence, and secondary use of sensitive information beyond the original note context.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill enables automatic cron-based extraction, analysis, and feedback generation on a recurring schedule without a prominent warning that user notes will be scanned in the background and transformed into derived artifacts. Background processing increases risk because it can continuously ingest newly added sensitive content and write additional files without deliberate per-run user review, amplifying privacy exposure and the blast radius of misconfiguration.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script extracts personal data such as names, email addresses, phone numbers, employer relationships, and project associations from markdown notes, then persists them into a structured ontology and generates feedback files without any consent flow, minimization controls, retention policy, or warning to the user. In this context, the skill is specifically designed to process a personal knowledge vault containing contact and team information, which increases the sensitivity and makes accidental over-collection or secondary exposure more dangerous.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal