ClawHub
Back to skill

Security audit

Dual Retrieval

Security checks across malware telemetry and agentic risk

Overview

This is a plausible retrieval skill, but it can access local QMD content and M-Flow configuration in under-disclosed ways that deserve review before install.

Install only if you are comfortable giving the skill access to your local QMD index and sibling M-Flow setup. Review the m-flow-memory dependency and .env contents first, avoid running the debug/schema scripts on sensitive caches, and treat generated reports as potentially containing private retrieved content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code writes merged retrieval output directly to a markdown file under the knowledge directory, and those results may contain sensitive content returned from M-Flow or QMD. In a retrieval pipeline, persisting raw search output without consent checks, redaction, or access controls can create an unintended data disclosure channel and leave sensitive material at rest on disk.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script opens a local SQLite cache database and prints sample row contents directly to stdout, which can expose sensitive cached data such as file paths, metadata, tokens, or other application data if the output is viewed, logged, or shared. Although this appears intended for debugging/schema inspection rather than exfiltration, dumping live sample rows from a user cache creates an avoidable data exposure risk.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal