gate-exchange-welfare

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only Gate welfare helper, with the caveat that vague reward or task requests could trigger account-status checks unnecessarily.

Install only if you trust the Gate MCP setup and use a dedicated least-privilege Gate API key limited to Welfare:Read. For vague requests about rewards or tasks, confirm the user means Gate welfare or new-user tasks before allowing account-specific lookup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger language is broad enough that generic questions about rewards, tasks, or benefits could invoke this skill even when the user intended a different rewards-related workflow. In an agent system, over-broad routing can expose user-specific welfare status, produce misleading guidance, or suppress more appropriate skills, especially because identity lookup happens automatically via MCP tools.

Vague Triggers

Medium
Confidence: 85%
Finding
The routing table uses high-level labels like 'Query welfare / rewards / tasks' and 'Query new user benefits / new user tasks' without precise boundaries, which increases the chance of accidental invocation or incorrect cross-skill routing. Because this skill branches based on account identity and may redirect users to other skills, ambiguous routing can cause privacy-sensitive lookups or user confusion in adjacent financial workflows.

Vague Triggers

Medium
Confidence: 82%
Finding
The trigger scenario is broad enough that the skill may activate on vague reward-related language, causing it to handle requests that might belong to other skills or should first require clearer user intent. In this skill, the impact is limited because the documented MCP actions are read-only welfare queries, but unintended invocation could still expose account-status or task metadata unnecessarily.

Vague Triggers

Medium
Confidence: 88%
Finding
The routing table includes generic phrases like 'welfare', 'rewards', and 'what tasks can I do', which are not unique to this domain and can cause accidental routing from unrelated conversations. Because the skill performs authenticated identity and task lookups, overbroad matching increases the chance of unnecessary access to user-specific welfare data.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger examples in Scenario 3 are broad enough to match generic requests like 'what tasks can I do' or 'task list', which may cause this welfare skill to activate for unrelated task-oriented intents. That can misroute users away from the correct skill and, in some cases, unnecessarily invoke identity-check tooling for requests that were not actually about welfare.

Vague Triggers

Medium
Confidence: 80%
Finding
The cross-skill routing examples use very generic phrases like 'How to deposit' and 'How to trade', which are common intents outside the welfare context. If these examples are used as activation guidance, the skill may incorrectly capture unrelated finance or trading requests and reroute them based on welfare-task assumptions.

VirusTotal

66/66 vendors flagged this skill as clean.
