Smart Oil Price Reminder (油价智能提醒)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed oil-price reminder that fetches a public government website and stores a small local state file, with some setup and reliability caveats.

Install only if you want recurring oil-price monitoring. Confirm the cron schedule, notification channel, and how to disable the job and delete /workspace/memory/oil_state.json. Treat the reminder as approximate because the script uses a hardcoded adjustment-date heuristic and does not appear to implement all advertised configuration features.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill documentation describes shell execution via curl and local file writes to persistent state, yet no permissions are declared. This creates an authorization and transparency gap: a host may grant broader-than-expected capabilities or users may not realize the skill performs network polling, filesystem modification, and scheduled execution setup.

Vague Triggers

Medium
Confidence: 78%
Finding: Broad trigger phrases like '什么时候加油' and '油价涨了吗' can cause the skill to activate unintentionally during ordinary conversation. In context, accidental activation is more concerning because the skill may create persistent cron jobs and state files, turning a simple query into an ongoing background process without clear user intent.

Missing User Warnings

Medium
Confidence: 91%
Finding: The skill states it will automatically create a cron job and persistent local state file but does not clearly warn users about ongoing execution or system modification. This is dangerous because persistent background tasks can continue consuming resources, generating notifications, and modifying host state after the user may believe the interaction was one-time.

VirusTotal

66/66 vendors flagged this skill as clean.
