Self Improving Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is not overtly malicious, but it asks the agent to keep persistent behavioral memory and share preference changes with another agent without clear consent or limits.

Install only if you want the agent to keep long-term notes about mistakes, preferences, and workflow patterns. Before using it, set explicit rules for what may be stored, require confirmation before writing preferences or SOUL/MEMORY updates, avoid storing sensitive personal or business details, and disable any automatic sharing with other agents unless you deliberately approve it.

SkillSpector (by NVIDIA)

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers (Medium)

Confidence: 88%

Finding: The description is broadly framed as making an AI agent 'smarter over time' through learning from mistakes and repetition, without clear scope boundaries or activation constraints. In a skill system, this can cause the behavior to activate across many ordinary interactions and silently modify agent behavior or storage practices in contexts where the user did not explicitly request persistent self-improvement.

Ssd 3 (Medium)

Confidence: 96%

Finding: The skill explicitly instructs the agent to persistently record errors, boss preferences, logic mistakes, and session-derived lessons into files like ERRORS.md, MEMORY.md, TOOLS.md, and SOUL.md, and to propagate preference changes to another agent. This creates a clear data retention and cross-context leakage risk because sensitive user information, internal reasoning artifacts, and behavioral profiles may be stored or shared without minimization, consent, retention limits, or access controls.

VirusTotal

64/64 vendors flagged this skill as clean.