ClawHub

康奈尔笔记

Security checks across malware telemetry and agentic risk

Overview

This is a classroom note-organization skill whose storage and retrieval behavior is disclosed and aligned with its purpose, though users should understand it keeps note-derived study metadata.

Install only if you want this skill to keep an organized study record of uploaded notes, extracted keywords, summaries, links, and retrieval history. For sensitive student material, confirm where the Note DNA data is stored, who can access linked skills, and how notes and metadata can be deleted or disabled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
92% confidence
Finding
The skill mandates activation for a very broad set of common note-related requests, which can cause over-collection and over-use of the skill even when a lighter-weight response would suffice. In this skill's context, broad auto-invocation is more dangerous because the workflow includes storing note content, generating metadata, and linking data across other skills, increasing privacy and consent risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description does not clearly warn users that uploaded notes, extracted keywords, summaries, dates, topic links, and cross-skill associations may be stored and later surfaced in other contexts. This is especially risky here because the notes may contain sensitive student information, and the skill explicitly supports persistent storage, retrieval history, and sharing into other educational workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal