Qordinate - Durable lists, facts, and reminders for OpenClaw agents.

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Qordinate memory integration, but it gives an agent broad ongoing access to private data, connected apps, and persistent changes without clear safeguards.

Review before installing if you will connect real documents, contacts, or third-party apps. Prefer an expiring or dedicated API key, avoid connecting unnecessary apps, and require explicit user confirmation before deletes, sharing, automations, reminders, or connected-app actions. Periodically review stored Qordinate data and active automations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill advertises that a single natural-language tool can access documents, contacts, web search, and connected apps, but it does not include clear user-facing warnings about the breadth of data exposure or when the agent may act on external systems. In a memory/productivity integration, this can cause users or downstream agents to disclose sensitive data or trigger app actions without informed consent.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill describes persistent and potentially destructive operations such as create, update, and delete documents, plus task/contact modifications, without warning that these actions change durable user data. Because the interface is natural language and broad in scope, an agent could accidentally or prematurely alter records, reminders, or shared content.

VirusTotal

64/64 vendors flagged this skill as clean.
