Agent Architecture Guide

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only agent guide, but it recommends broad, long-lived memory logging and remote memory indexing without enough privacy boundaries.

Install only if you intend to treat it as architecture guidance rather than automatic policy. Before adopting its memory patterns, define what may be saved, exclude secrets and sensitive personal data, set deletion and retention rules, review memory files periodically, and prefer local embeddings or explicit approval before sending indexed memory to remote providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Severity: Medium
Confidence: 86%
Finding:
The WAL trigger guidance is broad enough to capture ordinary conversation content such as preferences, names, and dates, which can cause over-collection of user data into persistent memory. In a skill explicitly teaching agents to write before responding, vague triggers increase the chance of unnecessary retention and downstream misuse of sensitive information.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
This section instructs agents to persist user corrections, preferences, proper nouns, and dates to memory files without any disclosure, consent, or minimization guidance. That creates a privacy and compliance risk because personal or sensitive data may be written to durable storage automatically.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The working-buffer pattern directs the agent to log every message and response summary once context passes a threshold, effectively creating continuous transcript storage. Without notice, minimization, or deletion rules, this materially increases the risk of retaining confidential user content beyond what is needed for task completion.

Missing User Warnings

Severity: High
Confidence: 98%
Finding:
The vector-search setup recommends third-party embedding providers and API keys but does not warn that memory contents may be transmitted to external services for indexing. Because the same document advocates storing rich user memory, this omission can lead to unintentional off-box disclosure of private or sensitive data.

Ssd 3

Severity: Medium
Confidence: 96%
Finding:
Logging every user exchange into persistent memory creates a direct data retention and leakage risk, especially if conversations contain secrets, personal details, or regulated information. The danger is amplified because the guidance presents this as an operational default rather than a narrowly scoped diagnostic mode.

Ssd 3

Severity: Medium
Confidence: 90%
Finding:
The layered memory design says raw daily logs are never deleted and that conversation context should be compressed into archives, which promotes indefinite retention of potentially sensitive user information. Long-term accumulation increases exposure from compromise, misuse, or later secondary processing beyond original user expectations.

VirusTotal

60/60 vendors flagged this skill as clean.