ClawHub

Agent Task Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent local task tracker, but users should be careful because it records task details and command context across sessions.

Install this only if you want automatic local task tracking across sessions. Review memory/tasks.md periodically, and avoid storing tokens, credentials, private user content, sensitive hostnames, or full commands containing secret arguments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill is configured to trigger on essentially every task lifecycle event and is described as automatic rather than user-invoked. That broad scope increases the chance of unintended activation and persistent writes for tasks where tracking is unnecessary or inappropriate, which can amplify privacy and data-retention risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to persist task state in memory/tasks.md as a 'single source of truth' but provides no user-facing notice or consent mechanism for storing conversation-derived state across sessions. This creates a real privacy risk because users may not expect task details to be retained beyond the immediate interaction.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Requiring storage of session ID, PID, server name, and full command can expose sensitive operational context, including infrastructure identifiers and command-line arguments that may contain secrets, paths, or internal hostnames. Persisting this information in a resumable file increases the blast radius of any later disclosure or misuse.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal