People Relationship Management (人物关系管理)

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only contact lookup helper, but it asks the assistant to build persistent personal profiles with more data than needed and without clear opt-in controls.

Review before installing. Use only if you are comfortable with the assistant saving a persistent contact directory. Prefer saving the minimum needed platform handle, avoid gender/legal names/relationship notes unless truly necessary, and confirm the resolved recipient before sending messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill makes gender a required field even though its stated purpose is to resolve a person's platform nickname for messaging. This is unnecessary collection of sensitive personal data, increasing privacy risk and creating data minimization and compliance issues if the memory store is later accessed, misused, or retained indefinitely.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The learning flow solicits and stores a broad personal dossier, including formal name, multiple nicknames, occupation, relationship, interests, and other remarks, which goes well beyond the narrow function of finding a messaging nickname. Centralizing this unrelated personal data in memory materially increases privacy exposure, over-collection risk, and the harm from unauthorized access or secondary use.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger phrases are broad enough to activate on ordinary contact-related requests, causing the skill to run and potentially query or store personal relationship data when the user did not specifically ask for profile management. This increases the chance of unintended data processing and surprise collection in routine messaging workflows.

Missing User Warnings

High
Confidence: 98%
Finding
The skill instructs the agent to collect and persist personal profile data without warning the user that this information will be stored in memory. Lack of notice and consent is dangerous because users may disclose third-party personal data believing it is used only transiently, while it is actually retained for future use.

Natural-Language Policy Violations

Medium
Confidence: 96%
Finding
Mandating gender collection without user choice or task-based justification imposes unnecessary processing of sensitive or potentially sensitive demographic information. In this skill's context, gender does not appear essential to finding a platform nickname, so the requirement makes the workflow more privacy-invasive than necessary.

VirusTotal

65/65 vendors flagged this skill as clean.
