AI信号筛选

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AI-industry monitoring assistant that uses web search, a temporary subagent, and scoped local memory files for personalization and deduplication.

Install if you want a personalized AI-news and signal report workflow. Before use, review the local memory/signal/profile.md contents because watchlists and keywords can be used in web searches and passed to a temporary subagent. Expect memory/signal/history.md to be created or updated automatically; periodically review or delete those local memory files if you do not want persistent history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 95% confidence

Finding: The trigger phrase '最近有什么变化/有什么值得关注的' is broad enough to overlap with ordinary conversation, which can cause the skill to activate when the user did not intend an AI-industry signal workflow. In this skill, activation can lead to web searches, subagent spawning, and file reads/writes, so accidental invocation has meaningful side effects beyond just producing text.

Vague Triggers

Medium, 91% confidence

Finding: The '筛选、过滤、分析AI领域信息' trigger is underspecified and lacks clear boundaries on source, scope, or user intent, making it easy to match many generic requests. Because this skill performs autonomous search, fetching, and persistence, an overly broad trigger increases the risk of unintended tool use and unexpected processing of user context.

Missing User Warnings

Medium, 97% confidence

Finding: The skill instructs the agent to automatically create and update memory/signal/history.md and later update it again without clearly notifying the user at the time of execution. Silent persistent storage of activity history and profile-derived data creates a privacy and transparency issue, especially since writes may occur even when the report itself is not saved.

VirusTotal

65/65 vendors flagged this skill as clean.
