ClawHub

Continuous Evolution

Security checks across malware telemetry and agentic risk

Overview

This skill is not deceptive or destructive, but it is designed to persist task details and create follow-up tasks automatically without clear consent, retention, or review controls.

Install only if you intentionally want persistent self-improvement memory and automatically generated follow-up tasks. Avoid using it with sensitive prompts, credentials, proprietary data, or private user content unless you add redaction and retention controls, and manually review any generated P1 evolution tasks before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the system to automatically record experiences, analyze gaps, update assessments, and generate queued tasks, but it provides no disclosure, consent gate, or boundary on what task-derived data may be persisted. This creates a real privacy and integrity risk because user content, internal reasoning artifacts, or sensitive task context could be stored or transformed into future tasks without authorization.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The post-task workflow says every task completion triggers experience recording, success/failure analysis, and archival to an experience store, again without warning that task information will be retained. In an agent skill context, this is dangerous because routine interactions may silently become long-term memory entries, enabling unintended collection of sensitive user data or operational details.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script persists raw task descriptions and execution results to a daily markdown file under a fixed workspace path, and it does so automatically with no consent, redaction, or sensitivity checks. In an agent environment, tasks and results can easily contain secrets, proprietary data, prompts, credentials, or personal information, so this creates a real confidentiality risk if those files are later read, indexed, backed up, or exposed to other skills/processes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal