Experience Distiller

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill helps decide where to save completed-task lessons and may write knowledge files when asked, with no hidden code or network behavior found.

Safe to install if you want help deciding what completed work should become memory, an experience entry, a playbook, or a skill. Before allowing it to execute writes, review the exact target files and content, redact sensitive details, and be especially careful with updates under playbooks or skills because those can shape future agent behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger description is extremely broad and includes many natural-language phrases for generic post-task reflection, which can cause the skill to activate in situations the user did not clearly intend. That increases the chance of unsolicited knowledge routing, accidental persistence of sensitive task details, and chaining into write operations based on ambiguous requests.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly says to write files directly when asked, but it does not warn about modifying user files, scope the allowed paths, or require confirmation before performing writes. In a knowledge-management skill that targets memory, playbooks, and skills directories, this creates a realistic risk of unintended file modification, persistence of sensitive data, or overwriting trusted operational content.

VirusTotal

66/66 vendors flagged this skill as clean.
