峰哥解答万物

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese roleplay/persona skill with local text data and no evidence of credential access, data exfiltration, destructive behavior, or hidden persistence.

Install this only if you want a Chinese-language parody roleplay persona. It may produce crude, sexualized, or insulting relationship commentary, so avoid enabling it in shared, child-facing, professional, or neutral-assistant contexts; disable it when you want ordinary assistant behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding:
The README demonstrates and normalizes adult/sexualized roleplay content, including euphemistic sexual references such as '链接' meaning sex, but does not warn users that the skill may produce adult themes. This can lead to unexpected sexual content exposure, especially in shared or default-enabled environments, and increases misuse risk because users are not given informed consent before activation.

Natural-Language Policy Violations

Medium
Confidence: 80%
Finding:
The skill is explicitly presented as a Chinese-language persona skill without indicating user choice, fallback behavior, or opt-in for language constraints. While not a classic security flaw, this can reduce user control, create deceptive or inaccessible interactions, and in agent settings may cause unexpected behavior if the user or system expects another language.

Natural-Language Policy Violations

Medium
Confidence: 93%
Finding:
The skill hard-codes a Chinese-only persona and response style across the entire activation prompt, with no mechanism to detect, preserve, or ask for the user's preferred language. In an agent setting, this can override user intent, reduce transparency, and cause unsafe or misleading interactions when users cannot understand the system's outputs or constraints.

VirusTotal

65/65 vendors flagged this skill as clean.
