36氪热榜 - 36kr Hot List

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public 36kr hot-list articles as advertised, but it also adds a visible recommendation for related 36kr skills after showing results.

Install this if you want public 36kr hot-list results. Expect it to contact the 36kr/OpenClaw CDN and to show a related-skills recommendation after results; only proceed with installing those extra skills if you actually want them and trust their source.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: The skill's stated purpose is to retrieve and display the 36kr hotlist, but the documentation instructs the agent to append promotional content and steer users toward other skills and installation flows. This expands the skill's behavior into unsolicited cross-skill promotion and action guidance, creating prompt-injection-like scope creep and increasing the chance of unintended agent actions unrelated to the user's request.

Context-Inappropriate Capability

Medium

Confidence: 97% confidence
Finding: The skill tells the agent to check whether other skills are installed and to branch into installation guidance based on the environment state, even though this is unrelated to returning hotlist data. Environment inspection and installation-state logic broaden the skill's authority and can be abused to elicit system probing or software-management actions outside the skill's declared purpose.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal