Ecommerce Bundle

Security checks across malware telemetry and agentic risk

Overview

This ecommerce automation skill is coherent, but it asks for broad shop and messaging automation with weak safety boundaries and points users to an unreviewed installer.

Review the referenced GitHub repository and install.ps1 before running anything. Use test or least-privilege platform accounts first, keep automated replies in approval mode, confirm compliance with marketplace and privacy rules, and make sure monitoring and bot workflows have clear limits, logs, and a reliable stop switch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium, 89% confidence
Finding
The listed trigger phrases are short, generic natural-language commands such as '查看评价' and '分析这个品类', which can easily overlap with ordinary user conversation. In an agent setting, broad triggers increase the risk of accidental invocation of monitoring, analysis, or configuration actions without clear user intent, especially because this skill performs operational ecommerce tasks.

Missing User Warnings

Medium, 83% confidence
Finding
The README advertises competitor monitoring, review monitoring, and automated replies but provides no warnings about privacy, platform terms, scraping restrictions, account safety, or the possibility of sending unintended responses. In this context, users may deploy the skill without understanding that it can collect third-party data, interact with customer communications, or trigger anti-abuse controls on ecommerce platforms.

Missing User Warnings

Medium, 90% confidence
Finding
The skill advertises automated customer replies and order-status queries without warning that it may access customer communications, order information, and platform-linked account data. This can cause unauthorized actions, privacy exposure, or misleading automation behavior if a user enables it without understanding the scope and risks.

Missing User Warnings

Medium, 89% confidence
Finding
The skill includes competitor monitoring and review scraping/analysis capabilities but does not disclose privacy, platform policy, or account-risk implications. Users may unknowingly deploy scraping or browser automation against third-party platforms in ways that violate terms, expose account credentials, or collect personal data from reviews.

VirusTotal

65/65 vendors flagged this skill as clean.
