Hutian Opc Digital Avatar

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a disclosed digital-avatar workflow, but it enables voice/likeness cloning and official-looking personas without clear consent, disclosure, or data-handling safeguards.

Install only if you are comfortable using it for authorized digital-avatar work. Do not clone a person's voice or likeness unless you have clear permission, avoid government/official-looking outputs unless they are clearly fictional or labeled, keep API keys out of config files and logs, and review where reference audio, photos, and generated media will be uploaded or stored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 85%
Finding
The file includes a dedicated '政府官员' preset that explicitly instructs the generation of official-looking personas with government offices, national flags, seals, and emblem-like authority cues. In a digital-avatar configuration skill, this can facilitate deceptive impersonation of public officials or creation of misleading official communications, even if the surrounding content is framed as appearance design rather than fraud.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger conditions are very broad and overlap with ordinary user requests about video creation, voice cloning, and customization. In an agent ecosystem, this can cause unintended invocation, routing users into a skill that handles sensitive media-generation tasks without clear scoping or consent checks.

Vague Triggers

Medium
Confidence: 87%
Finding
The 'lead-generation trigger points' are vague and could match many unrelated user conversations about branding, avatars, or AI presenters. This increases the chance of unsolicited redirection or promotional behavior, which can undermine user trust and steer users toward external services without clear necessity.

Missing User Warnings

High
Confidence: 97%
Finding
The skill promotes voice cloning, persona generation, and cloud-platform usage but does not require verification of voice/likeness rights, informed consent, or data-handling safeguards before uploading media. In this context, the omission is dangerous because the workflow explicitly enables impersonation and transmission of sensitive biometric-like media to third-party services.

Missing User Warnings

Medium
Confidence: 94%
Finding
The workflow explicitly instructs users to perform voice cloning from reference audio and to configure cloud-platform API keys, but it does not require consent verification, data-handling disclosure, or secure credential practices. In a digital-human skill, this omission can lead to unauthorized biometric voice use, privacy violations, and accidental exposure or misuse of cloud credentials.

Missing User Warnings

Low
Confidence: 79%
Finding
The generation flow tells users to download generated files, save them to a directory, and record file information, but it does not mention user awareness, storage location sensitivity, or retention controls. Because the outputs may contain cloned voices, likenesses, and business content, silent or poorly governed file writes can create privacy leakage or accidental persistence of sensitive media.

VirusTotal

65/65 vendors flagged this skill as clean.