ClawHub

apple-notes-formatting

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-risk Apple Notes formatting skill with some language and routing quality issues, not evidence of malicious behavior.

Install only if you want Apple Notes-style formatting and are comfortable with Chinese being used by default. For best results, explicitly state your preferred language and whether you want Apple Notes formatting when making a request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The skill explicitly states '默认用中文写', which can override the user's language preference and cause unintended language switching. This is primarily a safety/quality issue rather than a direct security exploit, but it can degrade usability, create confusion, and cause the agent to mishandle user intent in multilingual contexts.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation text is broad enough to match common formatting and note-editing requests, which can cause the skill to trigger outside its intended narrow scope. Over-broad routing is dangerous because it may override a more appropriate skill or impose this guide's formatting and language constraints on unrelated user tasks, reducing user control and causing incorrect outputs.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The guide text is written as an unconditional instruction set in Chinese and does not provide a user-language fallback or document why Chinese-only behavior is required. This is risky because the skill may ignore the user's language preference and silently transform outputs into Chinese, causing data handling mistakes, usability failures, and policy noncompliance in multilingual contexts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal