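smart-chatbot-builder (Smart chatbot builder: quickly create customer-service, sales, and internal-assistant chatbots, with support for knowledge bases, multi-turn conversations, and multi-channel integration.)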

Security checks across malware telemetry and agentic risk

Overview

This is a coherent chatbot-building guide with proportionate file and web capabilities, but users should be careful about customer data, logs, and broad activation triggers.

Install only if you are comfortable letting the agent help create chatbot assets from approved documents and websites. Avoid adding secrets or sensitive personal data to knowledge bases, define log and memory retention before production use, and test integrations such as Slack, Discord, WeChat, web embeds, or APIs with limited permissions first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill advertises website fetching, document import, chat logs, and user behavior analysis, but provides no privacy notice, consent guidance, retention limits, or handling constraints. In a chatbot-building context, these features can collect and process sensitive customer, employee, or business data, so omission of data-handling safeguards creates a real privacy and compliance risk.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger list contains very broad generic phrases such as "chatbot", "AI 助手", and "customer service", which can overlap with ordinary user requests and cause unintended skill activation. In a skill with read, write, web_fetch, and message capabilities, accidental routing can expose user data, perform unintended actions, or confuse task boundaries even without explicitly malicious logic.

VirusTotal

65/65 vendors flagged this skill as clean.
