ClawHub

Gaokao Volunteer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Gaokao college-application helper, but its generated reports and web searches may expose score and rank details.

Before installing, be comfortable sharing Gaokao-related details in web searches and storing generated reports locally. Avoid including names, ID numbers, or account credentials, and delete exported reports or temporary profile files when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs the agent to read local reference files and generate output files, which are code-like file capabilities, but it declares no explicit permissions. This creates a mismatch between expected sandbox boundaries and actual behavior, increasing the risk of unauthorized file access or writes if the runtime trusts undeclared capabilities.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The skill says user scores and ranks must be processed in-memory only, yet the workflow writes profile, match data, and a final HTML report to disk. Because Gaokao scores, ranks, preferences, and school choices are personal educational data, persisting them can leak sensitive information through local files, backups, logs, or shared directories.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly advertises real-time web searching for current score lines and admission thresholds, but it does not warn users that their query contents may be sent to external services. In this skill context, users are likely to provide sensitive educational profile data such as province, score, rank, and subject track, so undisclosed external transmission creates a meaningful privacy and data-handling risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal