Cerebro Openclaw Memory Boost Kb

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed memory and documentation workflow, but it gives an agent broad authority to read private project notes and create or update persistent operational records without consistently requiring user approval.

Install only if you want an agent to treat local Cerebro files as a durable source of truth. Review the Cerebro and memory folders first, keep secrets out of those notes, and require the agent to show exact write-back content and paths before creating or updating files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 95%
Finding
The skill advertises very broad activation criteria such as resuming prior work, making operational decisions, or executing company/project tasks, which can cause it to trigger in many normal conversations. That breadth increases the chance the agent will apply the skill in contexts the user did not intend, leading to unnecessary reading of internal docs and persistent write-backs.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The write-back protocol mandates updating authoritative files and daily memory in the same action, but it does not require notifying the user that persistent repository changes will occur. This can lead to silent modification of operational documentation and memory logs, creating integrity and privacy risks if the skill is triggered unexpectedly or on untrusted prompts.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding
The missing-doc auto-create protocol instructs the agent to create new files automatically whenever guidance is missing, without prior user approval. In practice this enables repository mutation from ambiguous or incomplete requests, which can pollute the source of truth, create unauthorized records, or be abused to plant misleading operational guidance.

Vague Triggers

Severity: Low
Confidence: 91%
Finding
The template leaves the scope section as empty placeholders and does not prompt for concrete trigger or activation boundaries. In a downstream skill or policy doc, that ambiguity can cause the document to be interpreted too broadly, leading agents or operators to apply it outside its intended context and potentially bypass expected routing, approval, or privacy constraints.

VirusTotal

66/66 vendors flagged this skill as clean.