Security audit

My Self Improving

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it creates persistent local memory that can steer future agent behavior and has broad automatic learning triggers.

Install only if you deliberately want a persistent local memory system for the agent. Before setup, confirm what will be stored in ~/self-improving/, whether workspace files such as AGENTS.md, SOUL.md, and HEARTBEAT.md may be edited, how to disable automatic logging, and how export and full deletion work. Do not store secrets, sensitive personal data, or proprietary details unless you are comfortable with local retention.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium, 90% confidence
The skill’s activation criteria are broad enough to trigger during routine failures, corrections, or self-critique, which can cause persistent memory behaviors to run in many ordinary interactions. In this context, over-activation increases the chance of collecting and storing user preferences or corrections without sufficiently explicit, situational consent, expanding the privacy and behavioral risk surface.

Missing User Warnings

Medium, 95% confidence
The skill persistently stores corrections, preferences, and project/domain patterns in local files, but the warning about retention is not prominent at the point of use. That creates a meaningful privacy risk because users may provide corrective feedback or personal preferences without realizing the information will be retained across sessions.

Missing User Warnings

Low, 90% confidence
The skill instructs creation of persistent files and directories under the user's home directory without any explicit warning, consent step, or scope limitation. Even though the files appear benign, modifying a user's environment can create privacy, persistence, and trust issues, especially for a self-improving agent designed to retain information across sessions.

Missing User Warnings

Medium, 92% confidence
The file explicitly states that the agent will add and compact entries in persistent memory automatically, but it does not mention any user notification, consent, or review step before writing. In a self-improving agent, silent persistence can store sensitive user preferences, project details, or interaction-derived data across sessions, creating privacy and integrity risks if the user does not realize memory is being modified.

Missing User Warnings

Medium, 90% confidence
The skill defines commands to store, display, export, and delete user memory and history data, but it does not include any consent, retention, minimization, or privacy safeguards. In a self-improving agent, this creates a real risk of collecting and exposing sensitive preference, project, or behavioral data without clear user awareness or control beyond raw commands.

Missing User Warnings

Medium, 92% confidence
Automatic loading of memory on session start and periodic scanning/maintenance increase the privacy risk because the system may process stored user data without an active, contextual prompt or renewed consent. In this skill's context, proactive self-improvement and broad memory access make the behavior more dangerous because the agent is designed to continuously reuse and reorganize past user information across sessions and projects.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.