ClawHub

Heartbeat Kit

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only heartbeat template kit whose recurring email, calendar, and weather checks are disclosed and aligned with its purpose, though users should scope account access carefully.

Install only if you want periodic background checks. Before enabling it, review the HEARTBEAT.md template, set the intended email account and location, confirm which accounts and connectors your agent can access, and remove or disable the file when you no longer want those checks to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The README explicitly states that after copying a template, the agent 'picks it up automatically,' but it does not define clear guardrails for when the heartbeat runs, what permissions it uses, or how to limit execution scope. For a background task system that may access email, calendars, system health, repos, and social platforms, vague auto-activation language can lead users to enable persistent monitoring without understanding the operational boundaries or data exposure.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The usage text says the agent will 'pick it up on next heartbeat' but does not define any explicit activation boundaries, approval requirements, or scope restrictions. In a skill centered on automated monitoring templates, that ambiguity can cause an agent to begin polling sensitive sources or system state automatically once a file is dropped into the workspace, increasing the risk of unintended data access or background actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The included templates reference email, calendar, social notifications, system health, project status, and news monitoring, all of which may touch sensitive accounts, local machine telemetry, repositories, or external APIs. Presenting these as 'drop in and go' without warnings about credential use, data exposure, third-party access, or least-privilege setup makes accidental over-permissioning and privacy leakage more likely.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The template instructs the agent to check unread email and upcoming calendar events on every heartbeat, but it does not define explicit user consent, account scoping, frequency limits, or trigger boundaries beyond vague periodic language. In a real agent environment, this can lead to continuous access to sensitive communications and schedule data, increasing privacy risk and the chance of over-collection or unintended notifications.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This template processes private email, calendar, and location-derived weather information but provides no user-facing warning or consent language about the sensitivity of those data sources. That omission is risky because users may deploy the skill without understanding it will routinely inspect personal communications, schedules, and location context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal