Chess Coach

Security checks across malware telemetry and agentic risk

Overview

This chess coaching skill is coherent and purpose-aligned, but users should know it contacts Chess.com and stores local coaching history.

Install this only if you are comfortable sharing a Chess.com username, allowing outbound requests to Chess.com's public API, and keeping local coaching notes over time. Review or delete memory/chess_state.json and memory/chess_observations.jsonl if you do not want retained profile or performance history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill explicitly instructs the agent to call `scripts/chess_api.py` against the Chess.com public API, which is network-capable behavior, but no corresponding permission declaration is present. Undeclared network access weakens policy enforcement and user transparency because the skill can reach external services without an explicit capability boundary.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger condition 'when a user mentions chess or improving their game for the first time' is broad and can activate on casual or tangential discussion. That increases the chance the skill starts collecting usernames, making network requests, or storing data without sufficiently clear user intent to engage this specific coaching workflow.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The workflow says to store the user's Chess.com username and preferred formats in `memory/chess_state.json` but does not require a clear notice or consent step before retention. Persistent storage of profile identifiers can create privacy risks, especially because it links a user's external account to ongoing monitoring behavior.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill logs recurring behavioral observations about the user's mistakes to `memory/chess_observations.jsonl` over time, but the user is not clearly warned that longitudinal performance profiling is occurring. Even if the data is game-related, accumulating habit and weakness profiles increases sensitivity because it creates a durable behavioral record.

VirusTotal

65/65 vendors flagged this skill as clean.