Self Improving Agent (Alex)

Security checks across malware telemetry and agentic risk

Overview

This skill transparently helps agents save learning notes and optional reminders, but users should avoid storing secrets or private transcripts in those notes.

Install only if you want persistent agent learning notes. Keep .learnings local unless you intentionally want team sharing. Redact API keys, tokens, passwords, customer data, private transcripts, and sensitive command output before anything is written, and review anything promoted into shared memory or agent instruction files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (7)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 90%
Finding:
The manifest presents the skill primarily as a passive learning/error logging aid, but the body also describes hook-based automatic activation, error detection, and creation of new skill scaffolds via helper scripts. This mismatch can cause users or orchestrators to authorize the skill under a narrower trust model than its documented behavior warrants, increasing the chance of unintended filesystem writes or autonomous behavior.

Intent-Code Divergence

Severity: Medium
Confidence: 96%
Finding:
The document claims the hook scripts 'only output text' and 'don't modify files or run commands,' but the configuration explicitly invokes shell scripts via command hooks. This is a misleading security statement that can cause operators to underestimate the trust boundary and enable code execution hooks without appropriate review, especially since hook scripts run automatically in response to prompts or tool use.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding:
The manifest description contains very broad activation cues such as failures, corrections, outdated knowledge, and discovering better approaches, which can match a large fraction of ordinary agent interactions. Overbroad triggers increase prompt-surface area and may cause the skill to activate in situations where persistent logging or follow-on actions were not intended.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding:
The automatic trigger examples include common phrases like 'Can you also...' and 'Is there a way to...', which are normal conversational patterns rather than high-signal indicators for persistent logging. In a skill system, such generic phrases can lead to excessive or unintended activation, creating noisy persistence and increasing the chance of recording sensitive context without clear user intent.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The description is very broad and can cause the skill to activate in many loosely related situations, including routine failures, user corrections, or vague requests for improvement. In a self-improvement skill, that ambiguity is risky because it may collect, store, or generalize from sensitive interaction data too aggressively, and it increases the chance of unintended self-modification behavior being invoked without explicit user intent.

Session Persistence

Severity: Medium
Category: Rogue Agent
Content:
```
└── FEATURE_REQUESTS.md
```

### Create Learning Files

```bash
mkdir -p ~/.openclaw/workspace/.learnings
```
Confidence: 88%
Finding:
Create Learning Files ```bash mkdir -p ~/.openclaw

Session Persistence

Severity: Medium
Category: Rogue Agent
Content:
### Option 1: Project-Level Configuration

Create `.claude/settings.json` in your project root:

```json
{
```
Confidence: 84%
Finding:
Create `.claude/settings.json` in your project root: ```json { "hooks": { "UserPromptSubmit": [ { "matcher": "", "hooks": [ { "type": "command",

VirusTotal

65/65 vendors flagged this skill as clean.
