ClawHub

小愈树 — AI 儿童心理成长顾问

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it persistently records sensitive information about children without clear consent, retention, or deletion controls.

Install only if you are comfortable with the platform storing child-related behavioral and counseling notes across sessions. Before using it, confirm whether memory can be disabled, reviewed, corrected, and deleted, and avoid sharing names, school names, medical details, or crisis information unless the platform has clear privacy safeguards. This is parenting support, not clinical diagnosis or emergency care.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly advertises cross-session memory for child profiles and ongoing counseling progress, which implies storage of highly sensitive data about minors' behavior and mental-health-related issues. In this context, the lack of any user-facing warning, consent flow, retention limits, or privacy boundaries creates a real privacy and safety risk because parents may disclose identifiable child information without understanding it will be persisted.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger conditions are so broad that the skill may activate during casual parenting conversations and begin steering users into a mental-health-oriented workflow without clear intent or informed engagement. Because the subject matter involves children, school problems, emotions, and behavior, unintended invocation increases the chance of collecting sensitive family information or presenting quasi-clinical guidance in contexts where the user did not explicitly request it.

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger scope is extremely broad and is explicitly designed to activate on casual parenting remarks, which increases the chance of unintended invocation in ordinary conversations. In a child-psychology skill with memory features, over-triggering is more dangerous because it can cause sensitive family and child behavioral information to be collected or acted on when the user did not clearly seek this service.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill description states that it maintains ongoing growth records and counseling progress for children, but does not disclose any privacy notice, retention policy, consent flow, or limits on what is stored. Because the data concerns minors' mental health, behavior, school issues, and family dynamics, undisclosed persistence creates a significant privacy and compliance risk.

Missing User Warnings

High
Confidence
99% confidence
Finding
The instructions require memory updates on every conversation whenever new problems, situations, or feedback are mentioned, creating mandatory persistence of potentially sensitive minor data without user awareness or consent. This is especially risky because the stored content includes behavioral problems, emotional struggles, school incidents, and inferred psychological judgments, which can amount to profiling of a child.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill directs the agent to build persistent, categorized records of a child's identity, traits, problems, interventions, and progress over time, which constitutes longitudinal profiling of a minor and family context in natural language. The context makes this more dangerous because the domain is child mental health and parenting support, so the retained information is highly sensitive and could expose intimate behavioral, educational, and emotional details if misused or retained without strict controls.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal