Ontology Knowledge Graph

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a local memory graph tool, but its sync path can automatically write hard-coded publisher-specific records and a local skill inventory into persistent memory.

Review before installing if you do not want a skill to persist memory records automatically. Use dry-run first, inspect ontology_sync.py, and avoid the recommended cron setup unless you are comfortable with it reading local memory files, recording installed skill names/versions, and adding the hard-coded business/person records it contains.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The script enumerates every installed skill under the workspace and persists them into the ontology graph, expanding its data collection scope beyond memory-note synchronization. This creates an unintended cross-skill inventory and metadata ingestion channel that can expose sensitive skill names or versions and violates least-privilege expectations for a memory sync job.

Vague Triggers

Medium
Confidence: 84%
Finding
Broad trigger phrases like 'remember' or general cross-skill data access language can cause the skill to activate in contexts the user did not intend. Because this skill can write persistent graph data and act as a backup memory layer, accidental invocation can create or alter long-lived records and amplify prompt-injection or data contamination risks from unrelated conversations.

VirusTotal

VirusTotal findings are pending for this skill version.
