ClawHub

Tts Cleanup Checklist

Security checks across malware telemetry and agentic risk

Overview

This is a text-cleaning instruction skill with disclosed file-processing behavior and no hidden code, credentials, network use, or persistence.

Install this if you want a Chinese-oriented TTS cleanup workflow for Markdown/TXT. When using it, provide narrow input paths or globs, write to a separate output directory, and explicitly say whether citations, URLs, references, language, or formatting must be preserved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill description says it should be preferred whenever the user mentions broad phrases like '清洗文本用于 TTS' or '批量清洗章节', which creates an overly broad trigger surface. This can cause the agent to invoke the skill on ordinary editing or document-processing requests without explicit user confirmation, leading to unintended transformation of user content or inappropriate file processing.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The instruction '当用户要求“清洗用于朗读”时,Agent 直接按本技能执行' directs automatic execution without defining boundaries, validation, or confirmation steps. In practice, this increases the chance of mis-triggering and performing content-altering actions on ambiguous requests, especially because the skill can process files or directories in batch mode.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The skill defaults to Chinese-oriented normalization and spoken-form conversion rules, including `spoken_cn` and Chinese chapter heuristics, without requiring locale selection or user opt-in. This can corrupt non-Chinese text, alter pronunciation-sensitive content, or produce the wrong output language/style, which is especially risky in multilingual or mixed-language documents.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal