ClawHub

Claw Go

Security checks across malware telemetry and agentic risk

Overview

This is a text-only chat game skill with no executable code, no required credentials, and clear limits against real posting, uploads, local file access, or shell commands.

Reasonable to install if you want a chat-based travel companion game. Be aware it may personalize stories from recent conversation or saved preferences, and verify the version label if the registry listing and in-game version response differ.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The invocation phrases are short and generic enough to risk accidental activation or collisions with ordinary user messages, especially the English command "clawgo" and status-related Chinese phrases referenced in the skill metadata. In an agent setting, ambiguous routing can cause the wrong skill to execute unexpectedly, which may expose user context to the skill or trigger unintended actions within the game flow.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The contract explicitly sends user identifiers plus behavioral/preference data such as tags, destination, and interaction source to backend APIs, but it does not describe consent, disclosure, minimization, retention, or access controls. In a consumer game skill that may proactively update, this creates a real privacy risk because personal data can be collected and propagated without clear user awareness or documented safeguards.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The design explicitly instructs the skill to infer `user_language` from recent messages and then render stage/chapter labels and status text based on that inferred or stored value rather than an explicit user choice. This can cause the agent to unexpectedly switch languages, mis-handle multilingual users, or reveal profiling behavior based on conversation history, which is a genuine privacy and user-consent issue even in a casual game context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal