Self Improving Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned but needs review because it enables automatic conversation analysis and local improvement logging without clear consent, scope, retention, or disable controls.

Install only if you are comfortable with the skill analyzing conversation content for improvement. Before enabling automatic use, confirm where logs are written, how to disable auto-analysis, how to exclude sensitive sessions, and how to delete stored improvement records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 88%
Finding
The statement that the skill 'automatically analyzes conversations after each session' is a broad activation condition with no clear user trigger, boundaries, or exclusions. In practice this can cause the skill to process sensitive conversations unexpectedly, increasing privacy risk and making behavior hard for users and reviewers to predict.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill description and usage present automatic conversation analysis as a feature but do not warn users that conversation content may be analyzed and logged. Because this skill is specifically designed for reflection and optimization, the context makes the omission more serious: the core function involves handling potentially sensitive chat content and derived behavioral data.

Missing User Warnings

Low
Confidence: 86%
Finding
The configuration section defines default paths for an improvement log and a SOUL.md personality file but does not warn that the skill may write to local files by default. This is less severe than covert exfiltration, but it can still surprise users, overwrite expected files, or persist sensitive summaries in insecure locations.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill description is broad and frames the capability as continuous self-improvement and optimization without defining boundaries, triggers, or prohibited behaviors. In agent systems, vague self-modifying or self-optimizing scope can enable unintended activation, overreach into unrelated tasks, or unsafe autonomous behavior because operators and downstream controls cannot reliably infer what the skill is allowed to do.

VirusTotal

64/64 vendors flagged this skill as clean.
