ClawHub

Clash Verge Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to manage a local Clash/mihomo proxy, but its broad activation scope and disruptive network commands need review before installation.

Install only if you intend to let the agent control your local Clash/mihomo proxy. Treat node switching, connection closing, DNS flushing, core restarts, and geo database updates as disruptive operations, and require an explicit request or confirmation before letting the skill run them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation description is broad enough to trigger on generic terms like 'proxy,' 'VPN,' or 'network proxy management,' which can cause the skill to activate outside the user's intended tool context. Because this skill is not read-only and includes state-changing operations such as switching nodes, closing connections, flushing DNS, and restarting mihomo, accidental invocation can lead to unintended disruption or exposure of network metadata.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation advertises destructive operations like closing active connections, flushing DNS, restarting the core, and upgrading geo databases without any warning, safety checks, or confirmation requirement. In a proxy-management skill, those actions can immediately disrupt connectivity, terminate user sessions, or change routing behavior, making accidental or over-broad use materially harmful.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal