Moses Modes

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only governance skill that is disclosed and purpose-aligned, but users should understand the implications of its persistent mode file (the active mode carries over between tasks) and of the logging its modes require.

Install only if you want a skill that can shape the agent’s behavior across tasks using a persistent local mode file. Check the active mode before sensitive work, avoid the unrestricted mode for high-risk tasks, and review the separate moses-governance dependency to understand any logging, audit, or deletion controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Ssd 4

Severity: Medium
Confidence: 93%

Finding
The 'None (Unrestricted)' mode explicitly removes behavioral constraints and normalizes disabling safeguards as a supported operating mode. Even with operator acknowledgment and auditing, presenting a no-constraints option in a governance skill increases the likelihood that users or downstream agents will bypass safety controls during risky tasks.

Ssd 3

Severity: Medium
Confidence: 84%

Finding
The mode definitions instruct the system to 'log full reasoning chain,' which implies retaining sensitive interaction content and internal deliberation in plain language. This creates data-retention and privacy risk, especially in the stated contexts of financial operations, sensitive data, and production systems.

Ssd 3

Severity: Medium
Confidence: 90%

Finding
Self Growth mode directs the agent to reflect on prior interactions and maintain a growth log, which encourages persistent semantic retention of user data and historical behavior. Without strict minimization and retention controls, this can accumulate sensitive information beyond what is necessary for the immediate task.
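The overview says to check the active mode before sensitive work and to avoid the unrestricted mode for high-risk tasks, and the second finding flags the "log full reasoning chain" instruction as a retention risk. The following is an added example of how an operator could enforce both outside the skill itself; it is not code from Moses Modes, moses-governance or SkillSpector. The mode-file path `.moses_mode`, its `mode=<name>` line format, the task risk tags and the secret patterns are all assumptions made here for illustration; only the mode name "None (Unrestricted)" and the three high-risk contexts (financial operations, sensitive data, production systems) come from the findings above.

```python
"""Pre-flight mode gate and reasoning-log minimiser (added example, hypothetical format)."""
import re
from pathlib import Path

# ASSUMPTION: the skill's persistent local mode file is a text file holding one
# line of the form "mode=<name>". The real file's path and format may differ.
MODE_FILE = Path(".moses_mode")

# Mode name quoted in SkillSpector finding 1.
UNRESTRICTED = "None (Unrestricted)"

# Task tags for the contexts named in finding 2 (labels chosen here, not the skill's).
HIGH_RISK_TAGS = frozenset({"financial", "sensitive-data", "production"})


def parse_mode(text: str) -> str:
    """Extract the mode name from mode-file contents; '' if none is recorded."""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("mode="):
            return line[len("mode="):].strip()
    return ""


def load_mode(path: Path = MODE_FILE) -> str:
    """Read the persisted mode; a missing file counts as 'no mode set'."""
    try:
        return parse_mode(path.read_text(encoding="utf-8"))
    except FileNotFoundError:
        return ""


def gate(mode: str, task_tags) -> tuple[bool, str]:
    """Decide whether a task may run under the active mode.

    Refuses when no mode is recorded (don't run blind) and when the
    unrestricted mode is active for any high-risk task tag.
    """
    risky = frozenset(task_tags) & HIGH_RISK_TAGS
    if not mode:
        return False, "no active mode recorded; refusing to run blind"
    if mode == UNRESTRICTED and risky:
        return False, f"mode {mode!r} is not permitted for {sorted(risky)}"
    return True, f"mode {mode!r} accepted"


def preflight(task_tags, path: Path = MODE_FILE) -> tuple[bool, str]:
    """Convenience wrapper: load the persisted mode, then gate the task."""
    return gate(load_mode(path), task_tags)


# Illustrative secret shapes for redacting a reasoning-chain log entry before it
# is retained. These are examples only; tune them to your own environment.
SECRET_PATTERNS = [
    (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "[REDACTED:aws-key]"),
    (re.compile(r"\bsk-[A-Za-z0-9]{20,}\b"), "[REDACTED:api-key]"),
    (re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}"), "Bearer [REDACTED:token]"),
    (re.compile(r"\b\d{13,19}\b"), "[REDACTED:card-number]"),
]


def minimise_reasoning(entry: str, max_len: int = 160) -> str:
    """Redact known secret shapes and cap the length of a log entry.

    This is the data-minimisation step finding 2 asks for: the full reasoning
    chain is never written verbatim, only a redacted, bounded summary.
    """
    out = entry
    for pattern, replacement in SECRET_PATTERNS:
        out = pattern.sub(replacement, out)
    if len(out) > max_len:
        out = out[:max_len] + "...[truncated]"
    return out


# Constructed sample entry; not output from the skill.
SAMPLE_ENTRY = (
    "Planning transfer with key AKIAABCDEFGHIJKLMNOP, "
    "header 'Bearer eyJhbGciOiJIUzI1NiJ9.payload', card 4111111111111111"
)

if __name__ == "__main__":
    allowed, reason = gate(UNRESTRICTED, {"financial"})
    print("unrestricted + financial:", allowed, "-", reason)
    print("minimised log entry:", minimise_reasoning(SAMPLE_ENTRY))
```

Wire `preflight()` in front of any tool call that touches money, customer data or production, and route every reasoning-chain line through `minimise_reasoning()` before it reaches disk; the retention period for what remains is a separate control that moses-governance may or may not provide.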

VirusTotal

0 of 64 vendors flagged this skill as malicious (64/64 clean). Note that antivirus engines check file contents for known malware; they do not assess the behavioural risks listed in the findings above.
