Security audit

记忆秘书

Security checks across malware telemetry and agentic risk

Overview

The scanned artifacts look like disclosed ClawHub CLI/operator documentation, and the flagged force-update examples are not presented as a malware-warning bypass.

Reasonable to install if you trust ClawHub registry tooling. Review any use of --force before running it because it can overwrite local skill files, and protect CLI auth tokens because they may authorize publishing or moderation actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 3

Medium

Confidence: 98% confidence
Finding: The README explicitly tells users to bypass malware reputation warnings using a force-install flag and frames VirusTotal detections as mere false positives. Even without code execution in the README itself, this guidance undermines a key safety control and can socially engineer users into installing a potentially malicious package without verification.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.