ClawHub

AI广告投手 Ad Trader

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent advertising-data analysis and reporting helper, with manageable risks around broad invocation wording and CDN-based report charts.

Install only if you want a local helper for advertising exports and reports. Use it with intended ad data files, be aware that generated HTML reports load Chart.js from a third-party CDN when opened, and avoid sharing reports if they contain sensitive business metrics.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger list includes broad phrases such as ad analysis, optimization, reporting, and diagnosis that can match many ordinary user requests. Over-broad activation increases the chance this skill is invoked unexpectedly, causing unintended access to uploaded business data or generating outputs when the user did not intend to use this skill.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The usage examples are phrased as generic natural-language requests like '分析我的广告投放数据' and '生成日报' without any explicit invocation boundary. In multi-skill environments, ambiguous examples can cause accidental routing into this skill, which is more sensitive here because the skill handles uploaded files, business metrics, and report generation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The generated HTML report loads Chart.js from a third-party CDN at view time, which introduces a supply-chain and privacy risk. If the CDN resource is compromised, blocked, or modified, anyone opening the report may execute attacker-controlled JavaScript in the browser context, and report access patterns may also be disclosed to the external host.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal