Habit tracking, todo, and routines

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed habit, task, and reminder API skill with optional logging and dispatch hooks that users should enable deliberately.

Install if you are comfortable sending habit, task, routine, reminder text, user IDs, and settings to Buffy’s external API. Protect BUFFY_API_KEY, avoid broad system keys unless needed, review any generated API keys, and enable the optional hooks only where local logging and chat-channel dispatch match your privacy and retention requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The hook explicitly suggests logging error details, including optional context such as endpoint or user intent, into a repo-local markdown file without any privacy warning, minimization guidance, or redaction requirements. This can expose sensitive operational metadata or user-derived context to anyone with repository or workspace access, and logs often persist longer and are shared more broadly than runtime state.

Missing User Warnings

Severity: Medium
Confidence: 87%

Finding
The hook explicitly describes forwarding reminder payload data, including activity titles and channel identifiers, to external chat systems without any mention of consent checks, data minimization, or user-facing disclosure. This creates a real privacy and information disclosure risk because reminder content and identifiers may be sent to third-party channels or mapped through integration glue code in ways the user may not expect.

Ssd 3

Severity: Medium
Confidence: 94%

Finding
This hook explicitly persists both user messages and agent replies to a repo-local markdown file, creating a durable plaintext record of conversational content. Even though the file notes privacy concerns, the design still increases exposure of potentially sensitive user data through local retention, accidental commits, broader file access, or later misuse beyond the original conversation context.

VirusTotal

65/65 vendors flagged this skill as clean.
