growth-tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a local progress-tracking and reporting helper. The metrics it persists are disclosed and consistent with that purpose, but users should understand that it keeps a local history of their activity across sessions.

Install only if you want OpenClaw to maintain a local history of your progress, task, learning, achievement, and goal metrics. Review ~/.openclaw/data/quantified_self.json periodically, use the export and reset commands deliberately, and set auto_track to false or reduce retention_days if you do not want ongoing local profiling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The basic-query trigger phrases are extremely broad and map to normal conversational requests such as asking how things are going or requesting a report. In a skill-routing system, this can cause unintended activation, leading the skill to collect, summarize, or expose tracked data when the user did not explicitly mean to invoke quantified-self behavior.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding
The advanced-query examples such as '详细报告' ("detailed report") and '成长趋势' ("growth trend") are even more generic than the basic triggers and are likely to appear in ordinary dialogue. This increases the chance of accidental skill invocation and unintended access to historical analytics or retained activity data.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The README documents auto-tracking and persistent local storage, but does not prominently disclose that user activity data may be collected and retained by default. This creates a privacy and consent issue: users may unknowingly generate a local behavioral log that can later be exported, reviewed, or exposed through accidental invocation.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The trigger conditions are very broad and can cause the skill to activate on ordinary conversations about progress, learning, or performance without clear user intent to enable tracking. In the context of a skill that persistently records interaction-derived data, over-triggering increases the chance of silent collection and retention of user-related activity data.
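The three Vague Triggers findings above describe the same failure: trigger phrases that also occur in ordinary conversation cause the skill router to activate the skill when the user meant something else. The following is an added example of how to audit a trigger list for that before installing a skill; it is not code from growth-tracker, OpenClaw or SkillSpector. It assumes a simplified router that fires a trigger on a case-insensitive substring match (a stand-in for whatever matching OpenClaw really uses), and the trigger and message lists are constructed for illustration: the two Chinese phrases are the ones the finding quotes, while the English triggers and all benign messages are assumed.

```python
"""Audit a skill's trigger phrases for over-matching against ordinary chat.

Added example, not the growth-tracker skill's own code. The matcher below is
a simplified stand-in (case-insensitive substring) for a real skill router.
"""
from collections import defaultdict

# Constructed trigger list. '详细报告' and '成长趋势' are quoted in the finding;
# the rest are assumed examples of the "how's it going" / "report" style
# phrases the finding describes. The last trigger is deliberately specific,
# to show what a narrow trigger looks like under the same audit.
TRIGGERS = [
    "how's it going",
    "report",
    "progress",
    "详细报告",   # "detailed report"
    "成长趋势",   # "growth trend"
    "show my quantified self stats",
]

# Constructed benign messages that do NOT intend to invoke the skill.
BENIGN_MESSAGES = [
    "How's it going with the new build server?",
    "Can you summarise the incident report from last night?",
    "Attach the pentest report to the ticket",
    "What progress has the vendor made on the CVE patch?",
    "请给我一份详细报告，说明为什么部署失败",   # "give me a detailed report on why the deploy failed"
    "这个项目的成长趋势怎么样",                  # "what is the growth trend of this project"
    "Remind me to rotate the API key tomorrow",
]


def fires(trigger: str, message: str) -> bool:
    """Simplified router check: case-insensitive substring match."""
    return trigger.lower() in message.lower()


def audit_triggers(triggers, messages):
    """Map each trigger to the benign messages it would activate on.

    Triggers that never fire on benign input are absent from the result.
    """
    hits = defaultdict(list)
    for trigger in triggers:
        for message in messages:
            if fires(trigger, message):
                hits[trigger].append(message)
    return dict(hits)


def false_activation_rate(triggers, messages) -> float:
    """Fraction of benign messages that activate at least one trigger."""
    if not messages:
        return 0.0
    activated = sum(1 for m in messages if any(fires(t, m) for t in triggers))
    return activated / len(messages)


def overly_broad(triggers, messages, max_hits=0):
    """Triggers firing on more than max_hits benign messages, worst first.

    These are the candidates to narrow or remove before trusting the skill
    with auto-tracking.
    """
    hits = audit_triggers(triggers, messages)
    return sorted(
        (t for t in triggers if len(hits.get(t, [])) > max_hits),
        key=lambda t: -len(hits[t]),
    )


if __name__ == "__main__":
    for trigger, matched in audit_triggers(TRIGGERS, BENIGN_MESSAGES).items():
        print(f"{trigger!r} fires on {len(matched)} benign message(s)")
    print(f"false activation rate: {false_activation_rate(TRIGGERS, BENIGN_MESSAGES):.0%}")
```

Run against the constructed corpus, every trigger except the deliberately specific one fires on at least one benign message, and six of the seven benign messages would activate the skill. The same audit, fed a transcript of the operator's own recent conversations, gives a concrete rather than speculative picture of how often a skill with persistent storage would be invoked unintentionally.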

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill defines persistent local storage for detailed session metrics and later supports export/reset flows, but it does not require clear notice and consent before collection begins. Even if stored locally, this creates privacy risk because sensitive behavioral history may be accumulated without informed user awareness.

Ssd 3

Severity: Medium
Confidence: 86%
Finding
The skill's core purpose is to quantify and retain broad categories of growth, tasks, learning, achievements, and efficiency from interactions, which implies collection of comprehensive interaction-derived data. Without strong minimization and consent boundaries, this can become a privacy-invasive profile of user and agent activity over time.

Ssd 3

Severity: High
Confidence: 98%
Finding
These instructions explicitly direct continuous recording during conversations and saving full state after each round, creating ongoing session persistence of interaction-derived data. This is dangerous because it normalizes silent longitudinal tracking, increasing exposure of sensitive activity patterns and making later over-disclosure or misuse more likely.

Ssd 3

Severity: High
Confidence: 97%
Finding
Providing complete stored data on request can expose the entire accumulated interaction profile in one step, including derived behavioral and performance history. If triggered accidentally, by ambiguous phrasing, or in a shared environment, this increases the risk of unintended disclosure of sensitive local records.
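The Missing User Warnings and Ssd 3 findings turn on three controls the overview already names: auto_track, retention_days, and deliberate use of export. The following is an added example of how a local tracker can enforce those bounds so that an accidental invocation yields only an aggregate and the full history is only written, kept and dumped on explicit request; it is not code from growth-tracker or OpenClaw. The store layout (a JSON object with a "config" block and an "entries" list of timestamped records) and the sample records are assumed for illustration, since the page does not document the real quantified_self.json schema; the fixed "now" is a constructed value so the example is deterministic.

```python
"""Bound what a local progress tracker retains and discloses.

Added example, not the growth-tracker skill's own code. The JSON layout and
sample data are assumed; the real quantified_self.json schema is unknown here.
"""
import json
from datetime import datetime, timedelta, timezone

# Constructed store in the assumed layout, as it might sit on disk.
SAMPLE_STORE_JSON = json.dumps({
    "config": {"auto_track": True, "retention_days": 30},
    "entries": [
        {"ts": "2024-01-01T09:00:00+00:00", "kind": "task", "note": "finished migration"},
        {"ts": "2024-02-10T09:00:00+00:00", "kind": "learning", "note": "read RFC 9421"},
        {"ts": "2024-03-01T09:00:00+00:00", "kind": "goal", "note": "ship release"},
    ],
})

# Constructed clock value so prune() behaves the same on every run.
NOW = datetime(2024, 3, 15, tzinfo=timezone.utc)


def load_store(text: str) -> dict:
    """Parse the on-disk JSON into the assumed {config, entries} layout."""
    return json.loads(text)


def record(store: dict, entry: dict, explicit: bool = False) -> bool:
    """Append an entry only if auto_track is on or the user explicitly asked.

    Returns whether anything was written so the caller can tell the user,
    which is the consent boundary the findings say is missing.
    """
    if not (store["config"].get("auto_track") or explicit):
        return False
    store["entries"].append(entry)
    return True


def prune(store: dict, now: datetime) -> int:
    """Drop entries older than retention_days. Returns the number removed."""
    cutoff = now - timedelta(days=store["config"]["retention_days"])
    before = len(store["entries"])
    store["entries"] = [
        e for e in store["entries"]
        if datetime.fromisoformat(e["ts"]) >= cutoff
    ]
    return before - len(store["entries"])


def summary(store: dict) -> dict:
    """Aggregate view for a casual 'how am I doing' query.

    Counts per kind only, no raw notes, so a trigger that fires by accident
    does not hand over the full behavioural history in one step.
    """
    counts = {}
    for e in store["entries"]:
        counts[e["kind"]] = counts.get(e["kind"], 0) + 1
    return {"entries": len(store["entries"]), "by_kind": counts}


def export_all(store: dict, confirmed: bool) -> list:
    """Full dump of stored records, only behind an explicit confirmation."""
    if not confirmed:
        raise PermissionError("full export requires explicit confirmation")
    return list(store["entries"])


if __name__ == "__main__":
    store = load_store(SAMPLE_STORE_JSON)
    print("pruned", prune(store, NOW), "old entries")
    print("summary:", summary(store))
    store["config"]["auto_track"] = False
    print("silent record accepted:",
          record(store, {"ts": "2024-03-15T10:00:00+00:00", "kind": "task", "note": "x"}))
```

With auto_track off, record() refuses silent writes and only an explicit call stores anything; prune() applied at load time means the file never holds more than retention_days of history; and the broad conversational triggers the earlier findings flag should be routed to summary(), with export_all() reserved for the deliberate export command.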

VirusTotal

0 of 64 vendors flagged this skill; all 64 reported it clean.