ontology

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local knowledge-graph memory skill that stores persistent workspace data, so users should control what it is allowed to remember.

Install this only if you want agents to maintain a durable local knowledge graph. Do not store passwords, tokens, or raw secrets; use references to a separate secret store instead. Periodically inspect memory/ontology/graph.jsonl and schema.yaml, because updates and deletes are represented as appended history rather than erasing prior records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill explicitly instructs the agent to create and modify local files under memory/ontology, but it does not declare corresponding permissions. This creates a capability/authorization mismatch: an orchestrator or reviewer may treat the skill as lower risk than it is, while the skill can persist data and alter shared workspace state, including cross-skill memory used by other components.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding:
The trigger phrases are broad and include generic language such as 'remember' and cross-skill data access, which can cause the ontology skill to activate in many contexts beyond explicit user intent. Because this skill writes persistent shared memory, unintended activation can lead to accidental data retention, incorrect graph mutations, or contamination of state consumed by other skills.

VirusTotal

64/64 vendors flagged this skill as clean.
