Agente Conhecimento

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a self-improvement logging tool, but it asks agents to preserve and share conversation-derived information across future sessions without enough privacy or control safeguards.

Install only if you intentionally want persistent agent memory. Before use, restrict where it may write, require approval before promoting notes into CLAUDE.md, AGENTS.md, SOUL.md, TOOLS.md, MEMORY.md, or Copilot instructions, avoid logging secrets or raw transcripts, and review any external repository or hook scripts before enabling them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to log user corrections, errors, and contextual details to persistent files without any guidance to minimize, redact, or avoid sensitive data. That creates a realistic privacy risk because secrets, personal data, internal prompts, tokens, or operational details may be stored long-term and later exposed through the filesystem, commits, backups, or other agents.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill advertises reading other session transcripts and sending learnings between sessions without any user-facing privacy warning, consent gate, or data minimization requirement. Cross-session movement of natural-language content increases the chance that private user inputs or sensitive operational context will be disclosed outside the original session boundary.

Ssd 3

Medium
Confidence: 97%
Finding
Persistently recording user corrections, requests, and full conversational context creates a data retention surface that can capture sensitive natural-language content far beyond what is necessary for learning. Because the files are intended to be durable and potentially reused by future agents, any captured confidential information may be repeatedly exposed or propagated.

Ssd 3

Medium
Confidence: 98%
Finding
The templates explicitly call for storing full context, user context, inputs, parameters, related files, and actual error output. Those fields commonly contain API keys, file paths, stack traces, customer data, prompt contents, and internal system details, so the template materially increases the likelihood of sensitive data retention and later leakage.

Ssd 3

Medium
Confidence: 96%
Finding
Cross-session transcript access and message sending expand the blast radius of any sensitive information captured by the skill, because data can move between contexts that may have different users, purposes, or authorization assumptions. Even if the original logging is benign, sharing learned content across sessions without safeguards can produce unintended disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.
