Obsidian Master Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a mostly static Obsidian setup helper, but users should be careful before enabling its optional chat import, AI, sync, or memory features.

Before installing, review the optional integrations: only connect chat accounts you intend to archive, keep API keys secure, understand whether your Obsidian vault or memory/ folder syncs to cloud storage, and periodically delete or protect sensitive imported notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Low
Confidence: 87%
Finding
The upload guide tells users to run `clawhub publish` but never explicitly warns that this sends the skill contents to a remote service. In a skill package that may contain local configuration, templates, references, or embedded integration details, omission of that warning can cause accidental disclosure through user misunderstanding rather than explicit consent.

Missing User Warnings

Medium
Confidence: 94%
Finding
The README advertises automatic Telegram/WeChat message organization and automatic writes into a `memory/` directory, but does not warn users that personal messages and derived notes may be persisted, transformed, or exposed to sync/backups. In a note-taking and AI-integration skill, this can lead to unintentional collection of sensitive data, especially if users connect personal chat channels or sync their vault to cloud services.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly says it will generate multiple files in the user's workspace, including memory and personal preference files, but does not warn the user that local data will be created or modified. This can lead to unintended persistence of sensitive information, workspace pollution, or overwriting/merging with existing notes in a way the user did not anticipate.

Missing User Warnings

Medium
Confidence: 92%
Finding
The documentation describes automatic ingestion of Telegram/WeChat messages into Obsidian, which may import private conversations, credentials, or regulated personal data into a note vault. Without a privacy warning, consent flow, or scoping controls, users may unknowingly centralize sensitive content in plaintext or broadly synced notes.

VirusTotal

64/64 vendors flagged this skill as clean.
