self evolving agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent self-improvement workflow that writes local learning notes and helper files, with no evidence of hidden exfiltration, destructive actions, or privilege escalation.

Install only if you want a coding agent to keep local, persistent notes about lessons, capabilities, and evaluations in your workspace. Review the generated learning files periodically, and avoid using it in repositories where task details or code should not be recorded in local memory artifacts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill instructs the agent to read and update multiple workspace files and references orchestration modules, which implies file read/write access, and it is intended for coding agents where shell/environment access may be used during task execution. Having these effective capabilities without explicit permission declarations weakens governance and makes it easier for the skill to be invoked with more power than a reviewer expects.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The description says to use the skill before major tasks and whenever the agent should inspect risks, learn, or choose safer strategies, which is broad enough to cause frequent activation across normal workflows. Over-invocation increases exposure to its file-writing and orchestration behavior, creating unnecessary persistence, context pollution, and a larger attack surface for prompt-influenced memory updates.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Activation conditions such as 'difficult,' 'novel,' 'high-stakes,' and 'useful tactic' are subjective and leave too much discretion to the agent. In practice this can lead to inconsistent or excessive activation, causing unnecessary memory retrieval, file updates, and self-modification behavior in contexts where it is not justified.

VirusTotal

VirusTotal findings are pending for this skill version.
