Self Evolution Engine

Security checks across malware telemetry and agentic risk

Overview

This skill appears aimed at self-improvement, but it asks for broad access to memories and transcripts and can turn them into persistent agent behavior changes.

Install only if you intentionally want an agent to learn from prior sessions and update its own behavior files. Require manual invocation, review proposed diffs before any write, exclude secrets and raw transcripts, and keep backups of behavioral files so changes can be undone.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger set includes generic phrases such as 'pattern analysis' and 'optimize behavior', plus multilingual triggers, which can activate the skill in ordinary conversation without the user intending a self-modifying workflow. Because this skill can analyze retained interaction data and propose or apply changes, accidental invocation materially raises privacy and integrity risk.

Missing User Warnings

High
Confidence: 97%
Finding
The skill presents itself as a general self-improvement engine but does not prominently warn that it may analyze session transcripts, memory stores, and long-term learnings, then update core behavioral files. This missing disclosure undermines informed consent and can cause users to trigger sensitive data processing and persistent configuration changes without understanding the consequences.

Missing User Warnings

High
Confidence: 96%
Finding
The examples and workflow describe direct integration steps that update behavioral files after validation, including approve and auto-evolve style operations, but they do not pair those actions with clear user-facing consent or impact warnings. In context, this is especially risky because these files govern future agent behavior, so silent or poorly disclosed modification can create persistent and hard-to-detect changes.

Ssd 3

Medium
Confidence: 93%
Finding
The skill explicitly directs collection and analysis of daily logs, memory files, long-term memory, session transcripts, and tool usage patterns as inputs to ongoing evolution. That creates a clear data retention and secondary-use risk because potentially sensitive user content can be aggregated, mined for patterns, and repurposed into persistent behavioral rules beyond the original conversation context.

Ssd 3

Medium
Confidence: 91%
Finding
The workflow encourages extracting user preferences and memory-derived patterns and promoting them into persistent behavioral files, which operationalizes long-term reuse of user-provided data. This is dangerous because private preferences, contextual details, or transient requests can become durable defaults affecting future interactions without the user's explicit approval.

VirusTotal

64/64 vendors flagged this skill as clean.
