sensitive-profile-audit
Security checks across malware telemetry and agentic risk
Overview
The skill is not shown exfiltrating data, but it deliberately scans local credential/config folders and workspace memory files into a report, so it needs careful review.
Install or run this only if you intentionally want a sensitive local audit. The artifacts do not show network exfiltration or destructive behavior, but the report may contain credential-related metadata and memory-file content, so keep audit_out/report.txt private and review it carefully before sharing.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The generated report can reveal sensitive account/profile inventory such as file paths, sizes, modification times, and hashes for credential-related files.
The script recursively enumerates common credential and profile directories, including SSH keys, AWS configuration, and broad application config storage.
$sensitiveRoots = @( (Join-Path $home ".ssh"), (Join-Path $home ".aws"), (Join-Path $home ".config") ) ... Get-ChildItem -Path $root -Recurse -File
Run only if you explicitly want this audit, inspect the script first, keep the output private, and avoid running it on accounts or machines containing credentials you do not want inventoried.
Private agent memory, user profile notes, or identity-related instructions may be copied into audit_out/report.txt and exposed if the report is shared.
The script searches the workspace for persistent memory or identity files and copies content previews into the report.
$memoryNames = @("MEMORY.md", "USER.md", "SOUL.md", "IDENTITY.md") ... Get-Content -LiteralPath $mf.FullName -Raw ... Add-ReportLine $report (" Preview: {0}" -f $preview)
Use a narrow workspace, review the report before sharing it, and consider lowering MaxPreviewChars, including to 0, if content previews are not needed.
Running the command executes local code that reads sensitive directories and writes a report.
The documented workflow asks the user to execute a local PowerShell script with execution policy bypass. This is central to the skill and the script is provided, but it is still a meaningful execution step.
powershell -ExecutionPolicy Bypass -File run.ps1.txt -Workspace . -OutDir audit_out
Review run.ps1.txt before execution and run it only in an environment where scanning those locations is acceptable.
Users have less external context for trusting a script that touches sensitive local files.
The skill has no clear source or homepage provenance, which matters more because it asks to scan credential and memory locations.
Source: unknown; Homepage: none
Treat it as untrusted local code unless you can verify its origin, and rely on your own review of the included script.
