ClawHub

滴滴出行优惠券自动领取

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do the advertised Didi coupon claiming, with disclosed browser-session reuse and local logging, but users should enable its automation deliberately.

Install only if you are comfortable logging into Didi in the OpenClaw browser and letting this skill claim coupons with that session. Use a dedicated browser profile if possible, invoke it explicitly, enable the daily schedule only if you want unattended runs, and clear Didi cookies or delete the skill logs when you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger set includes broad natural-language phrases such as '打车有优惠券吗', which can overlap with ordinary conversation and cause the skill to run unintentionally. In this skill, unintended activation is more sensitive because execution opens a browser, uses retained login cookies, and attempts account actions automatically.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill states that login cookies are retained for future fully automatic runs, but does not present this as a clear user-facing warning in the main description or consent flow. Persisted authenticated sessions materially increase the sensitivity of accidental or unauthorized invocation because the skill can act on a logged-in account without re-authentication.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The skill documents writing detailed coupon results to local logs without clearly warning the user. While the logged data is not highly sensitive compared to credentials, it can still reveal account-linked promotions, usage habits, and timestamps that may be privacy-relevant on shared systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal