Security audit

ClankerHive

Security checks across malware telemetry and agentic risk

Overview

ClankerHive is a disclosed local coordination store for sharing agent state, with real privacy and stale-data risks but no hidden or unrelated behavior found.

Install this only if you want local agent sessions to share state. Keep the database path private, prefer short TTLs, do not store secrets, sensitive user data, or high-trust instructions in facts or alerts, and validate any stored value before using it to trigger automated actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Cross-Context Output

Medium

Category: Output Handling
Content: --- name: clankerhive description: "Shared SQLite-backed context store for multi-session agent coordination. Use when: (1) checking if work was already done recently (email checked, briefing sent), (2) preventing duplicate cron/heartbeat runs via task claiming, (3) passing alerts between sessions (cron queues alert → main session pops it), (4) storing short-lived facts with TTL, or (5) any cross-session state sharing. Replaces ad-hoc JSON state files with a proper coordination bus. Triggers on: deduplication, cross-session state, shared facts, alert queue, task coordination, heartbeat state." homepage: https://github.com/pfrederiksen/clankerhive metadata: {
Confidence: 92% confidence
Finding: cross-session state sharing

Session Persistence

Medium

Category: Rogue Agent
Content: Instead of maintaining a separate `memory/heartbeat-state.json` file, use ClankerHive facts: ```bash # Old way: read/write JSON file # New way: python3 scripts/clankerhive.py set heartbeat.email "$(date +%s)" --ttl 1800 python3 scripts/clankerhive.py set heartbeat.calendar "$(date +%s)" --ttl 3600
Confidence: 91% confidence
Finding: write JSON file # New way: python3 scripts/clankerhive.py set heartbeat.email "$(date +%s)" --ttl 1800 python3 scripts/clankerhive.py set heartbeat.calendar "$(date +%s)" --ttl 3600 python3 scripts/cl

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.