ClawHub

人生模拟器 | Life Sim

Security checks across malware telemetry and agentic risk

Overview

This appears to be an instruction-only counterfactual life-simulation skill with some overbroad activation and personalization assumptions, but no evidence of code execution, credential use, persistence, exfiltration, or destructive behavior.

Install only if you want a Chinese-language counterfactual life-simulation workflow. Be aware it may activate on common phrases like “假如” or “如果当初,” and its default cultural assumptions may not fit every user; review or narrow the trigger wording if accidental activation would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list includes very common phrases such as “假如” and “如果当初”, which can appear in ordinary conversation outside the intended use case. This can cause the skill to activate unexpectedly, hijack unrelated user requests, and steer users into a simulation flow they did not intend to invoke.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The instruction to start immediately whenever the user says a phrase like “如果当初xxx”, combined with “不追问”, removes disambiguation and consent checks. This increases the chance of accidental activation and prevents the agent from verifying whether the user actually wants a counterfactual life-simulation workflow.

Natural-Language Policy Violations

Medium
Confidence
79% confidence
Finding
The skill explicitly assumes users are mainly Chinese and instructs the model to apply a specific cultural and social background by default. While not a direct code-execution risk, this can lead to incorrect personalization, inappropriate inferences about the user’s identity, and reduced safety when the model confidently fabricates demographic context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal