MbtiClaude

Security checks across malware telemetry and agentic risk

Overview

This skill intentionally reads local AI prompt histories to create an MBTI-style profile, and that sensitive behavior is disclosed and appears local-only.

Install and run this only if you are comfortable with the agent reading prior AI prompt histories from the listed local tools. Review or redact histories first if they may contain secrets, client data, personal details, or confidential work, and invoke the skill only intentionally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README promotes automatic extraction and analysis of local prompt histories from multiple AI tools without prominently warning, before installation/usage, that those histories may contain sensitive work, personal, credential-adjacent, or proprietary data. In a skill specifically designed to aggregate cross-tool prompt history, this omission increases the chance that users run it without informed consent about privacy risk.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill advertises automatic extraction of prompt history from multiple AI tools before presenting a clear, prominent privacy warning or obtaining explicit consent. Because prompt histories can contain secrets, proprietary code, personal data, and prior conversations, silent collection creates a substantial privacy and data-exposure risk.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Triggers like 'test mbti', 'analyze personality', and similar phrases are broad enough to be invoked in ordinary conversation, which can cause unintended activation of a skill that reads highly sensitive local conversation histories. In this skill, accidental triggering is more dangerous than usual because activation leads to cross-tool profiling from local files.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states it will automatically extract prompt history from multiple AI tools, which is highly privacy-sensitive because prompt logs can contain secrets, personal data, proprietary code, and past conversations. The warning text only discusses MBTI accuracy and scientific limitations, not the security and privacy implications of collecting and analyzing these records.

Ssd 3

High
Confidence
97% confidence
Finding
The natural-language behavior of the skill is to collect and analyze users' prompt histories across several AI tools for personality profiling. This is sensitive behavioral surveillance and profiling, and the context makes it especially risky because the collected data spans multiple products and may reveal credentials, confidential projects, health/relationship details, or other intimate information.

Ssd 3

High
Confidence
98% confidence
Finding
The skill explicitly enumerates local history files and session stores from multiple AI products, directing the agent to read conversation archives for profiling. These paths are likely to contain raw user prompts and model interactions, which can include sensitive personal information, trade secrets, API keys, and internal system context.

Ssd 3

High
Confidence
98% confidence
Finding
The skill is designed to gather and analyze prompt history across several AI tools, which exposes a broad set of sensitive user-generated content through natural-language processing. Because these histories may include credentials, confidential work material, personal information, and security-sensitive discussions, automated aggregation materially increases privacy and data-exposure risk.

Ssd 3

High
Confidence
99% confidence
Finding
Listing concrete local history file paths for Claude Code, Codex, Gemini, OpenCode, and OpenClaw operationalizes access to sensitive conversation archives stored on disk. In context, this is more dangerous because the skill's core purpose is personality inference, which does not require broad unrestricted access to all historical prompts and therefore encourages overcollection of private data.

VirusTotal

67/67 vendors flagged this skill as clean.
