臻选顾问

Security checks across malware telemetry and agentic risk

Overview

This is a product-catalog helper that fetches supplement product data, with some transparency and trigger-scope caveats but no evidence of hidden, destructive, or credential-seeking behavior.

Install only if you are comfortable with answers depending on a live GitHub-hosted product catalog that can change over time. Treat the supplement recommendations as shopping assistance, not medical advice, and prefer explicit user confirmation before using it for health-sensitive needs such as sleep, surgery recovery, children, heart health, or weight loss.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The manifest match field contains a long list of broad product and health-related keywords, which can cause the skill to activate for many loosely related user queries. That increases the chance the agent will inappropriately enter a product-recommendation flow for sensitive health contexts, potentially steering users based on this skill when they did not explicitly ask for it.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs the agent to fetch live data from a GitHub-hosted JSON file and silently fall back to a local absolute-path file, but it does not warn users that outputs depend on external mutable data sources. This creates integrity and transparency risks: product details can change without notice, and the local fallback may expose environment-specific behavior or outdated data while the user believes the response is authoritative and current.

VirusTotal

65/65 vendors flagged this skill as clean.
