ClawHub

ClawHub Market Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a low-privilege market research skill that uses public ClawHub listing data, with no evidence of hidden execution, credentials, or destructive behavior.

Reasonable to install as an instruction-only market analysis helper, but do not assume the advertised clawhub-market-analyzer CLI exists from these artifacts alone. If a separate executable or package is later provided, review that code separately before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The ticket assistant advertises generic trigger phrases like '工单' and '创建工单', which are broad enough to match ordinary support-related conversation rather than an explicit request to invoke the skill. This can cause unintended activation and downstream actions such as analyzing screenshots or creating tickets based on incidental chat context, which is especially risky because the skill appears action-capable.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The quote-reading skill says it activates when a user references previous messages, which is a very common conversational behavior and lacks a precise boundary for when the skill should run. That creates routing ambiguity and could expose prior-context retrieval or interpretation in situations where the user did not intend to invoke a specialized skill.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The memory skill uses a generic example like '记住 XXX', which can overlap with natural language requests and may encourage capture of information whenever the model interprets a phrase as memorable. In a memory-oriented skill, ambiguous triggering is more dangerous because it can persist sensitive or personal data beyond the user's intended scope.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal