ClawHub

查看学邦数据。用于登录学邦后台并读取首页今日经营数据与待办数据。

Security checks across malware telemetry and agentic risk

Overview

The skill has a clear purpose, but it saves a business login username and password in a workspace note by default, which needs review before installation.

Install only if you are comfortable with the agent handling a Xuebang backend login. Prefer a least-privilege account, explicitly tell the skill not to save the password, and remove any credentials from `workspace/TOOLS.md` after use. A safer version would use session-only credentials, a password manager, or token-based authentication instead of writing the password to a workspace note.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to store user login credentials in `workspace/TOOLS.md` for future reuse, which is unnecessary for the stated task of viewing dashboard data. Persisting reusable credentials in a local note increases exposure risk through later unintended access, leakage to other tasks, or compromise of the local workspace.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill tells the agent to persist login credentials locally without a clear, prominent warning about privacy, retention, and reuse implications. In this context, the data being stored are authentication secrets for a business backend, so lack of explicit disclosure and informed consent materially increases the chance of unsafe handling and surprise persistence.

Ssd 3

High
Confidence
98% confidence
Finding
This is a direct instruction to save user-provided account credentials in a local note for future reuse, which creates a reusable secret cache outside a dedicated secrets-management system. Because the skill accesses a real administrative web portal, compromise of that note could allow unauthorized access to business data and potentially broader account abuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal