Enterprise Unified Credit Code Fast Lookup (企业-统一信用代码极速查询)

Security checks across malware telemetry and agentic risk

Overview

This skill does the advertised company-code lookup, but it sends company queries to an undocumented HTTP service with limited user disclosure.

Install only if you trust the publisher and the agent-data.ihdwork.com service with the company names and enterprise IDs you query. Avoid confidential due-diligence searches until the skill documents the data flow and uses HTTPS or an approved internal endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 87%
Finding
The skill advertises very broad natural-language triggers and states that the agent will automatically match and execute it, which can cause unintended invocation of backend scripts. In this context, accidental execution can expose internal enterprise lookups, trigger network/internal-data access without clear user consent, and create an over-broad action surface for ambiguous requests.

Missing User Warnings

Medium
Confidence: 82%
Finding
The skill does not clearly warn users that it may call scripts, access networked services, or query internal data sources to retrieve enterprise information. That omission weakens informed consent and can lead to sensitive or regulated data being fetched unexpectedly, especially in enterprise environments where internal lookups may have access controls or audit requirements.

Missing User Warnings

Medium
Confidence: 95%
Finding
The code hardcodes an HTTP endpoint and sends the enterprise name query over an unencrypted connection. This allows network attackers on the path to observe or tamper with requests and responses, which is especially risky in an agent context where returned data may influence downstream actions or expose business-sensitive search terms.

VirusTotal

65/65 vendors flagged this skill as clean.
