Correction Logger

Security checks across malware telemetry and agentic risk

Overview

This skill is a local correction-memory logger; its storage behavior is expected for its purpose, but users should treat the saved corrections as persistent sensitive data.

Before installing, be comfortable with a persistent local memory under ~/self-improving, including corrections.md, corrections_enhanced.db, and archive files. Do not log passwords, tokens, confidential prompts, or private user data unless you intend to retain them locally, and periodically review or delete old correction files and archives.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill is designed to log user corrections, agent responses, corrected content, and JSON context into persistent storage, yet it provides no user-facing warning about retention, sensitivity, or the possibility of storing personal or confidential data. Because correction text and context may contain secrets, internal prompts, identifiers, or other sensitive content, this can create a privacy and data-retention risk that grows over time.

Missing User Warnings

Low
Confidence: 88%
Finding
The documented automatic archive creation and backup behavior increases the number of persistent copies of logged content, but the skill does not warn users that data will be duplicated and retained in additional files. This expands the data exposure surface and can undermine expectations about deletion, especially if archived copies persist after the primary file is rotated or reset.

Missing User Warnings

Medium
Confidence: 92%
Finding
The logger persistently stores raw user_input, agent_response, corrected_response, context, and tags to both SQLite and a Markdown file without redaction, minimization, consent flow, retention controls, or access restrictions. In an agent setting, these fields can easily contain secrets, personal data, prompts, or proprietary content, so compromise of local files, logs, backups, or later debugging access could leak sensitive information.

VirusTotal

65/65 vendors flagged this skill as clean.
