深圳小鹿选房

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed real-estate search CLI integration with API-key setup; its main risks are normal credential and npm-package execution precautions, not hidden malicious behavior.

Install only if you trust the xiaolu-house CLI and service. Do not paste API keys into ordinary chat unless the client provides a secure secret-entry flow, review any `config --show` output before sharing it, and use `config --clear` or rotate the API key if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs the agent to check and set API keys and mentions encrypted local storage, but it does not give clear warnings about handling secrets, showing config output, or avoiding disclosure of sensitive values. This can lead to credential exposure in chat transcripts, logs, screenshots, or terminal output if the agent retrieves or echoes configuration details.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill directs the agent to execute `npx -y xiaolu-house` commands on the user’s behalf, which causes retrieval and execution of external code and potentially modifies local configuration. Running package-managed CLI tools without explicit risk warnings or user confirmation expands the trust boundary to npm and the package author, creating supply-chain and local-environment risk.

VirusTotal

64/64 vendors flagged this skill as clean.