ClawHub
Back to skill

Security audit

Echo — Adopt an Echo. AI-Native Pet. 回声。Eco.

Security checks across malware telemetry and agentic risk

Overview

This virtual-pet skill is not malicious, but it asks the agent to keep the pet in system prompts, logs, and ongoing context, which can affect unrelated future work.

Install only if you deliberately want an ongoing virtual-pet mechanic. Keep the Animalhouse token in a secret store or environment variable, do not paste it into prompts or logs, and avoid putting the Echo into system prompts, permanent memory, or unrelated logs unless you explicitly accept that persistence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill instructs agents to obtain, store, and reuse a bearer token but provides no guidance on secret handling, redaction, storage scope, or avoiding disclosure in logs, prompts, or shared memory. In agent environments, this can easily lead to credential leakage through transcripts, debugging output, or prompt/context persistence, enabling unauthorized use of the account.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Telling users to embed the Echo's name into system prompts, context, and logs encourages prompt pollution and unnecessary persistence of contextual data across future interactions. In multi-tenant or logged agent systems, this can cause unintended disclosure, contamination of unrelated tasks, and retention of user-associated content beyond its needed lifetime.

Ssd 3

Medium
Confidence
90% confidence
Finding
The skill explicitly encourages keeping the Echo in logs and active conversation context, which promotes unnecessary retention and repetition of plain-language content that may include user-provided notes or identifiers. This increases the chance of privacy leakage through logs, analytics, model context reuse, or later responses that surface retained data unexpectedly.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal