Cognition

Security checks across malware telemetry and agentic risk

Overview

This is a transparent local memory scaffold for agents, with expected persistent file writes but no evidence of hidden network access, credential collection, or destructive behavior.

Install this if you want an agent to maintain local persistent memory in a workspace. Do not store secrets or sensitive personal data in the memory files, review FUTURE_INTENTS entries periodically, keep triggers narrow, and enable scheduled consolidation or weekly reflection only where append-only local reports are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Low
Confidence: 85%
Finding
The prompt instructs the agent to write a report into a persistent memory path (`memory/summaries/YYYY-WNN.md`), which is a durable file modification. Although the workflow is framed as 'analysis and recommendations only,' it still performs a write without an explicit user-facing warning or confirmation boundary about persistent storage effects. This creates a mild integrity risk because an agent can alter long-lived state automatically on a schedule.

Vague Triggers

Medium
Confidence: 91%
Finding
The template explicitly supports context-based triggers using vague conditions like 'when topic arises', which can cause an agent to execute deferred actions in situations that only loosely match the original intent. Because this file is scanned at every session start and every heartbeat, an ambiguous trigger increases the chance of unintended or premature execution of stored actions.

VirusTotal

64/64 vendors flagged this skill as clean.
