MindLogger

Security checks across malware telemetry and agentic risk

Overview

MindLogger matches its journaling purpose, but it asks for sensitive credentials through Telegram automatically and stores/analyzes private journal content through external services with limited setup safeguards.

Review before installing. Use a dedicated, revocable Telegram bot token and MindLog API key, avoid sending secrets through ordinary chat if the platform offers secure secret entry, confirm scheduled jobs before enabling them, and check how to delete journal entries, rotate tokens, and stop daily or weekly messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

High
Confidence: 98%
Finding: The skill instructs the agent to collect highly sensitive credentials, including a Telegram bot token, over Telegram itself and to do so automatically without any privacy warning or safer enrollment path. This exposes secrets to unnecessary transmission and creates a high risk of credential compromise, account takeover, or later misuse if chats are intercepted, retained, or mishandled.

Missing User Warnings

High
Confidence: 96%
Finding: The skill handles intimate journal content and sends it to external services for storage, analysis, and delivery, but the description does not clearly warn the user that their private writing will leave the local system and be processed by third parties. Users cannot provide meaningful consent or assess privacy risk without that disclosure, especially for sensitive mental-health-adjacent content.

Ssd 3

High
Confidence: 99%
Finding: The skill proactively solicits multiple secrets in a single message and instructs the agent to store them as configuration, which normalizes unsafe secret handling and increases the blast radius of any compromise. Combining a service API key with a Telegram bot token is especially dangerous because an attacker gaining access could both exfiltrate data and impersonate the bot.

External Transmission

Medium
Category: Data Exfiltration
Content:
### HTTP Call 2 — Deliver report via Telegram:
```
POST https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage

{
  "chat_id": "${TELEGRAM_CHAT_ID}",
```
Confidence: 94%
Finding: https://api.telegram.org/

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
## Onboarding

When this skill is first registered, immediately and automatically send the following message to the user via Telegram — do not wait to be asked, do not confirm registration first, just send it:

1. Send: "To set up MindLog I need three things — reply with them one per line:
   1. MindLog API key (from mindlogger.app)
Confidence: 93%
Finding: automatically send

VirusTotal

63/63 vendors flagged this skill as clean.
