ClawHub

DingJi Course Design

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate math course-design skill, but it stores learner profiles and sets reminders or notifications without clear consent, retention, or deletion controls.

Review before installing. Use it only if you are comfortable with persistent student progress profiles, scheduled reminders, external visualization or messaging tools, and file-transfer workflows; set explicit limits on stored learner data, notification recipients, tool use, and deletion of records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger text is broad enough to activate on ordinary educational requests like 'design math course' or 'create teaching plan', which can cause the skill to run unexpectedly. Over-broad activation increases the chance of unintended tool use, profiling, or external integrations being invoked without the user realizing this specific skill has been selected.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This section describes persistent learner profiling, memory storage, and scheduled review/reminder behavior, but does not clearly warn users that their performance data may be retained over time and used to drive future notifications. In an educational context this is sensitive behavioral data, and silent persistence or reminders can violate user expectations and privacy requirements.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill references external or web-based tooling without warning that user content or learning data may leave the core chat environment. Even if the purpose is legitimate visualization or teaching support, undisclosed transmission to browser-based, API-based, or notification systems can expose student data and create privacy and compliance risks.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal