ClawHub

File History Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a real local file-versioning tool, but it needs review because it can preserve sensitive file contents in hidden history and overwrite files during restore.

Install only if you intend to use it on explicit local files and understand that snapshots may copy readable file contents into .fvsnap. Avoid using it on .env files, private keys, tokens, credentials, regulated data, or broad config directories unless you deliberately want local history of those contents. Confirm the exact path before restore or watch mode, and inspect/remove .fvsnap history when it may contain sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Low
Confidence
88% confidence
Finding
The README advertises commands like restore and watch that can overwrite tracked files or create hidden .fvsnap state, but it does not clearly warn users about these side effects before they run them. In a file-versioning tool, these behaviors are expected, but missing disclosure increases the chance of accidental data modification, confusion, or unintended persistence in sensitive directories.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger keywords include broad, common phrases such as "diff," "restore," and "track changes," which can cause the skill to activate during ordinary user requests unrelated to this tool. Overbroad activation increases the chance an agent will invoke file-versioning operations unexpectedly on sensitive files or directories.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The manifest trigger `file versioning` is underspecified and could match a wide range of benign conversations about version control concepts rather than a clear request to run this specific skill. Ambiguous routing is risky because the skill performs file reads, writes, restoration, and storage of file contents, so accidental invocation has meaningful side effects.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill describes storing snapshots in a hidden `.fvsnap/` directory but does not clearly warn that full file contents, including secrets and regulated data, may be copied there and retained over time. This omission can mislead users into snapshotting sensitive files without understanding that additional local copies and history artifacts are being created.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal