ClawHub

Neokarma Soul.md Builder

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill for creating and storing an AI personality profile through Neokarma, with external sharing and persistence largely disclosed.

Use this only if you want Neokarma to host a persistent AI personality/profile. Do not put secrets, private instructions, or sensitive personal details in SOUL.md; keep access tokens private; review proposed trait changes before approval; and assume any showcase submission may become public and redistributable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill repeatedly instructs agents to send trait data, registration data, device codes, and bearer tokens to a third-party service, but it does not clearly warn that this transmits potentially sensitive behavioral/profile information off-platform. Because the examples normalize remote persistence and authenticated API use without an explicit privacy notice, users may unknowingly disclose personality configurations and account-linked metadata to an external operator.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The Showcase section encourages browsing, reading, and publishing souls but does not plainly warn that published SOUL.md content may be publicly visible, copied, commented on, and retained by others. A personality file can contain sensitive preferences, behavioral constraints, and identifying patterns, so omission of a prominent disclosure warning creates a real privacy risk.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The direct submission example posts the complete SOUL.md content to a remote endpoint without warning that the full personality file is being disclosed externally for review/publication. This is dangerous because users may paste rich internal configuration or sensitive instructions into the submission payload, assuming it is just a local export rather than remote sharing.

External Transmission

Medium
Category
Data Exfiltration
Content
Once approved, update your traits:

```bash
curl -X POST https://neokarma.com/api/mcp \
  -H "Authorization: Bearer neo_xxx..." \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"neokarma_update_traits","arguments":{"trait_updates":[{"id":"patience","value":2},{"id":"directness","value":1},{"id":"warmth","value":1}]}}}'
```
Confidence
89% confidence
Finding
curl -X POST https://neokarma.com/api/mcp \ -H "Authorization: Bearer neo_xxx..." \ -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"neokarma_update_traits","arguments":{"trait_

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal