ClawHub

Cttc Auto Learn

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent browser automation, but it pulls unpinned external code, stores reusable login state, and includes broad cleanup actions, so it should be reviewed before use.

Install only if you are comfortable with an agent cloning and running unpinned code from GitHub, automating your mooc.ctt.cn account, storing a reusable login session locally, and potentially interrupting Chrome. Review the upstream repository first, confirm the exact commit you want to run, and delete output/auth-state.json when you no longer need saved login state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list includes broad everyday terms such as '烟草', '网络学院', and '学时', which can cause the skill to activate in unintended contexts and start a high-impact browser automation workflow. Because this skill performs login, credential handling, and long-running automated actions, accidental invocation is more dangerous than for a read-only or informational skill.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to forcibly kill all Chrome processes and recursively delete cache directories without requiring explicit user confirmation or clearly describing the risk of disrupting unrelated work. In context, these commands can terminate active browser sessions and destroy transient local state beyond the immediate automation task.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill directs the agent to save and later reuse login state in a local file (`output/auth-state.json`) but does not prominently warn the user that this file contains reusable authentication material. In this context, stored session state for an education platform could be copied or abused by other local processes or users, especially since the workflow encourages unattended automation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal