Ai编程 0b1387

Security checks across malware telemetry and agentic risk

Overview

This is a text-only AI programming guide that is noisy and partly off-topic, but it does not request sensitive access or perform unsafe actions.

Before installing, consider whether you want a noisy skill that may trigger during unrelated AI, MIT, rail, or appliance conversations. It appears safe from a security standpoint, but the publisher should clean up the merged off-topic sections and narrow the triggers for reliability.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Severity: High
Confidence: 96%
Finding: The skill is declared as AI-programming guidance, but large merged sections inject unrelated transportation, appliance, and electronics content, indicating data contamination and scope drift. This is dangerous because broad, irrelevant merged content can poison downstream agent behavior, trigger the wrong skill in unrelated contexts, and surface untrusted material that users did not request.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding: Triggers such as 'AI编程' and especially 'AI时代' are so broad that the skill may activate during ordinary discussion rather than on explicit user intent to use this skill. Overbroad activation increases the chance of unintended prompt injection exposure, irrelevant responses, and routing users into a contaminated skill context.

Vague Triggers

Severity: Medium
Confidence: 94%
Finding: These merged sections introduce activation phrases for an unrelated rail-transport subskill, making the overall skill boundary ambiguous and increasing the likelihood of accidental invocation. In a system that auto-selects skills from user text, vague or conflicting triggers can route users into irrelevant or contaminated instructions.

Vague Triggers

Severity: Low
Confidence: 91%
Finding: Using a generic product name like '志高' as a trigger can accidentally match routine shopping or appliance conversations, causing this skill to activate outside its intended purpose. While the impact is lower than that of code-execution flaws, it still creates misrouting and expands exposure to irrelevant embedded content.

Vague Triggers

Severity: Low
Confidence: 92%
Finding: The single keyword '麻省理工' (MIT) is a very broad trigger that could match many unrelated educational discussions and cause unintended activation of this skill. Because the file already contains substantial merged, off-topic material, accidental activation is more dangerous here than in a tightly scoped skill.

VirusTotal

50 of 50 vendors reported this skill as clean; no vendor flagged it.
