ClawHub

Task Tracker Pro

Security checks across malware telemetry and agentic risk

Overview

This skill saves and resumes task lists in local files, which matches its stated purpose but means work details can persist across sessions.

Install this if you want durable local task tracking. Avoid putting secrets or highly sensitive details in task names, steps, or logs, and be mindful that prior task files may be read when a new session starts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger phrases are broad enough to activate on ordinary conversation such as asking for help, planning, or resuming work, which can cause the skill to run without clear user intent. In this skill, unintended activation is more dangerous because activation leads to persistent file creation and state tracking, creating privacy and consent risks beyond a normal no-op skill.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill description does not warn users that it will automatically create and update persistent files under the workspace to store task state. Because the skill is explicitly designed to distrust conversational memory and write all state to disk, lack of disclosure undermines informed consent and may expose sensitive project details in stored files.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The startup behavior instructs the agent to automatically scan prior task files at the beginning of new conversations, but the skill does not disclose this behavior to users. This is riskier than ordinary persistence because it crosses session boundaries and may surface or act on prior work context without the user explicitly requesting retrieval, potentially exposing sensitive history to the wrong conversation or user context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal