Qordinate - Durable lists, facts, and reminders for OpenClaw agents.

Security checks across malware telemetry and agentic risk

Overview

This is a real external-memory integration, but it lets an agent persist user facts, tasks, contacts, and reminders to Qordinate through chat apps without enough privacy controls.

Install only if you are comfortable with your agent sending selected memory to Qordinate through a linked WhatsApp, Telegram, or Slack account. Before using it, set rules that require confirmation before storing sensitive items and that prohibit storing secrets, OTPs, credentials, and financial, health, or confidential business data. Also verify Qordinate's retention and deletion controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill explicitly instructs the agent to offload long-term facts, tasks, reminders, preferences, and config to an external third-party service over chat channels, but it provides no privacy warning, consent requirement, data classification limits, or guidance on sensitive data handling. This creates a real risk of unintended disclosure of personal or confidential information because agents may forward user data to WhatsApp, Telegram, or Slack-backed workflows without the user understanding the transfer or its retention implications.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The setup flow tells the user to create an external account using a phone number and OTP and then link that account to messaging channels, but it omits any warning that this links personal identifiers and future agent-generated content to a third-party system. Even if the account creation itself is user-driven, the lack of disclosure and safeguards increases the chance that users unknowingly expose personal data and establish a persistent external data sink for agent memory.

VirusTotal

64/64 vendors flagged this skill as clean.