Concept Ledger

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-related, but it automatically reloads prior user-derived concepts across sessions without clear user control.

Install only if you want durable concept memory across sessions. Before using it with proprietary plans or internal architecture, confirm where the memory is stored, how to inspect and delete entries, whether it is scoped per project, and how to disable automatic restore.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The skill explicitly states that prior session concepts are automatically loaded, which implies persistence of conversation-derived data across sessions. Without explicit consent, scope limits, or retention controls, this can leak sensitive project terminology or user-derived context into later interactions and violate expected session boundaries.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill describes automatic cross-session loading of prior concepts without warning users that conversation-derived data may persist beyond the current session. This undermines transparency and informed consent, and could expose sensitive internal names, plans, or business context when users assume each session is isolated.

Ssd 3

Medium
Confidence: 95%
Finding
Automatically restoring prior concepts across sessions creates an unscoped memory channel that may carry sensitive or stale information into new contexts without user intent. In a brainstorming and system-design setting, these concepts can encode proprietary architecture, internal codenames, or strategic plans, making cross-session leakage more dangerous than a generic glossary feature.

VirusTotal

64/64 vendors flagged this skill as clean.
