Back to skill

Security audit

Accountability Buddy

Security checks across malware telemetry and agentic risk

Overview

This is a simple local learning accountability tracker with no evidence of hidden network access, credential use, or destructive behavior.

Install if you want a local learning-goal tracker. It stores your topic, daily goal, check-ins, and notes locally in progress.json. If using the manual GitHub clone option instead of ClawHub install, verify the repository first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The description lists triggers such as "track my progress", "help me stay consistent", and "check in on me", which are common conversational phrases rather than narrowly scoped invocations. The file also does not provide exclusion conditions or negative examples to clarify when the skill should not activate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.