多智能体 3c4b57

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only multi-agent learning skill with messy, broad triggers but no code execution, credential access, persistence, or destructive behavior.

Install only if you want a broad multi-agent/COZE learning helper. Expect it may activate during ordinary discussion of multi-agent systems; tightening or deduplicating the trigger text would improve routing, but no security-sensitive behavior was found.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger string includes broad conversational phrases like '多智能体' and popularized marketing terms that are likely to appear in ordinary user queries. This can cause unintended activation of the skill, making it hijack unrelated conversations about multi-agent systems and increasing the chance that unreviewed skill instructions influence outputs unexpectedly.

Vague Triggers

Medium
Confidence: 93%
Finding
The activation condition '用户需要多智能体相关帮助' is an extremely generic need statement without boundaries, so the skill may activate whenever a user asks broadly about multi-agent topics. In a skill system, ambiguous routing increases prompt-scope confusion and can cause this skill to override or interfere with more appropriate capabilities.

Vague Triggers

Medium
Confidence: 92%
Finding
The repeated trigger section again uses broad phrases like the skill name variant and '用户需要...相关帮助' without any exclusion criteria. Repetition of ambiguous triggers across merged content compounds the risk of accidental invocation and makes routing behavior harder to audit and predict.

Vague Triggers

Medium
Confidence: 92%
Finding
This later repeated trigger block preserves the same ambiguous activation logic, so the skill remains prone to firing on general discussion rather than intentional invocation. Because the skill content is assembled from multiple sources, such overbroad matching raises the chance of unintended behavior propagation from merged instructions.

Vague Triggers

Medium
Confidence: 90%
Finding
The final trigger section still relies on a generic product mention ('COZE') and a broad help-request phrase, both of which can occur in normal user conversation. This makes accidental activation plausible and increases the attack surface for prompt injection or misrouting through irrelevant skill selection.

VirusTotal

64/64 vendors flagged this skill as clean.