ClawHub

Qian Jiu Jiu

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese typo and grammar preprocessor with some usability risks, but no evidence of hidden code, data theft, persistence, or destructive behavior.

Install this only if you want a global Chinese-message preprocessor. Be aware that short replies such as “好”, “行”, “可以”, “ok”, or “y” may be treated as approval after a warning, and consider disabling or narrowing the skill if you want typo checking only on explicit request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The confirmation keyword list includes generic conversational terms like "行", "可以", "好", "ok", and "y", which can easily appear in normal dialogue without a deliberate intent to approve reuse of the original erroneous sentence. In this skill, those broad triggers directly control whether processing continues on potentially malformed input, so accidental confirmation can bypass the user's opportunity to correct meaning-affecting errors.

Vague Triggers

High
Confidence
94% confidence
Finding
The skill declares that it automatically activates on each user message, which gives it blanket access to all incoming content regardless of user intent or language relevance. Even though the stated function is benign, this broad trigger can cause unnecessary interception of sensitive messages, prompt friction, and unintended influence over downstream agent behavior across unrelated tasks.

Natural-Language Policy Violations

Medium
Confidence
82% confidence
Finding
The skill is optimized for a Chinese language context and presents itself as automatically active, but it does not describe a user opt-in or language-negotiation step before applying that constraint. In practice, this can mis-handle multilingual or non-Chinese messages and create confusing prompts or filtering behavior for users who did not request language-specific preprocessing.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal