ClawHub

Xhunt Hot Tweets

Security checks across malware telemetry and agentic risk

Overview

This skill appears to only fetch public XHunt trend pages and summarize them, with no evidence of hidden access, persistence, credential use, or destructive behavior.

Install only if you are comfortable with the agent contacting trends.xhunt.ai for public trend data. Be aware it is designed to return Chinese summaries and may activate on broad hot-tweet or link-summary requests unless your agent router is stricter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are very broad and resemble normal user requests, which increases the chance the skill activates when the user did not explicitly intend to call it. In an agent environment, overly broad activation can cause unintended browsing to external sites and return data in a fixed format, making routing and consent errors more likely.

Natural-Language Policy Violations

Medium
Confidence
77% confidence
Finding
Declaring that outputs are always in Chinese without user choice can cause the skill to override user intent or system language expectations. This is primarily a policy and UX safety issue: it can lead to misleading responses, improper task fulfillment, or unintended disclosure through forced translation rather than a direct exploit.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The invocation description uses broad natural-language triggers such as '最火推文/热门帖子/Top20/4小时最火/给我链接+摘要', which can easily match ordinary user requests that are not specifically asking to invoke this skill. That increases the chance of unintended activation, causing the agent to fetch external content and shape the response in ways the user did not explicitly request.

Natural-Language Policy Violations

Medium
Confidence
86% confidence
Finding
The skill description mandates Chinese output ('输出中文摘要') without indicating that this is conditional on user preference or locale. This can override user intent, produce responses in an unexpected language, and create routing/UX failures where users receive transformed content they cannot validate easily.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal