ClawHub

NCCU OJ

Security checks across malware telemetry and agentic risk

Overview

This NCCUOJ helper does what it says, but it asks for passwords in command-line arguments and stores reusable login cookies in the workspace without enough safety guidance.

Review before installing. Use only on a trusted private machine, avoid giving real passwords through command-line arguments or shared terminals, confirm submissions before running them, keep NCCUOJ_BASE_URL unset or pointed only at the official site, and delete or protect .nccuoj/cookies.txt after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill instructs users to pass usernames and passwords directly on the command line, which commonly exposes secrets via shell history, process listings, logs, and agent telemetry. This is unnecessary secret exposure for normal operation and can leak credentials to other local users or systems collecting command invocations.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The submission workflow repeats the practice of placing plaintext credentials in command arguments for both submit and result-check steps. Repetition across the core workflow makes credential disclosure likely during routine use, especially in shared machines, CI, or instrumented agent environments.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
Contest mode again requires users to supply plaintext passwords on the command line, extending the same exposure into a high-frequency workflow where users may be stressed and less cautious. Because contest operations often happen on shared or monitored systems, the chance of unintended credential disclosure is elevated.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill not only promotes unsafe credential handling but also fails to warn users that command-line secrets may be visible in shell history, process lists, and logs. The absence of warnings increases the likelihood that users unknowingly expose their NCCUOJ accounts.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
These submission examples normalize plaintext credential use without any notice about secret exposure or retention. In an agent setting, command strings may be captured in transcripts or telemetry, so omitting warnings materially increases real-world leakage risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents automatic storage of session cookies in the workspace but does not warn that these cookies are sensitive bearer credentials that may persist across runs, be committed accidentally, or be read by other tooling. A stolen cookie may allow account access without needing the original password.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal