ClawHub

memory-assistant

Security checks across malware telemetry and agentic risk

Overview

This memory and voice-reminder skill does what it says, but users should understand it stores reminder/location notes locally and sends spoken text to SenseAudio for speech generation.

Install only if you are comfortable keeping item locations and reminders in local JSON files and sending any text you ask to be spoken to SenseAudio. Use a private API key, avoid storing highly sensitive locations or secrets, and only enable daemon or scheduled-task mode if you want ongoing background reminders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad everyday expressions such as '记一下' and '提醒我', which can be spoken in many benign contexts and may activate the skill unexpectedly. In this skill, accidental activation is more dangerous because it can store private item-location data or schedule spoken reminders without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends reminder text and item-location query content to an external TTS provider, but the user-facing description does not clearly warn that this private content leaves the local system. Because the content may include sensitive whereabouts of valuables, schedules, meetings, or personal routines, undisclosed third-party transmission creates a meaningful privacy and data-handling risk.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes common phrases and nouns such as '提醒我', '护照', and '几点开会' that are likely to appear in ordinary conversation, which can cause the skill to activate without clear user intent. In a memory/reminder skill, unintended activation can capture sensitive location data or create reminders unexpectedly, increasing privacy and usability risk.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The examples explicitly describe persisting sensitive item locations and reminder details, but provide no indication of retention, consent, visibility, or privacy controls. For a memory/reminder skill, this can expose highly sensitive personal information such as where passports, keys, or travel plans are stored, increasing privacy and physical security risk if records are accessed by other users, logs, or integrations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill stores sensitive personal data such as item locations and reminders in predictable local files without any documented privacy notice, retention guidance, or access controls. This can expose highly sensitive behavioral and physical-security information to other local users, backups, or synced folders without the user realizing it.

Missing User Warnings

High
Confidence
97% confidence
Finding
The documentation states that reminder text is sent to a third-party TTS service, but does not provide an explicit user warning or consent flow for external transmission. Reminder content can contain meetings, places, names, and other sensitive information, so silently transmitting it off-device materially increases privacy and confidentiality risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal