Hutian Opc Guan Dan

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Guandan card-game assistant with local practice and review features, and the main caution is that it can store learning progress locally.

Install only if you are comfortable with the assistant storing local Guandan learning progress and mistake statistics. Use explicit Guandan-related prompts to avoid accidental activation, and clear the local progress data if using a shared machine or if you do not want past practice history retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The simulator claims AI information isolation, but `get_player_hand(seat)` returns the full hand for any seat without authorization checks. In a game-assistant context, this can let other components, prompts, or future code paths access hidden opponent cards and generate unfair or privacy-breaking advice, directly undermining the stated security boundary.

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description activates on a very broad set of situations such as card recognition, scorekeeping, play suggestions, training, and review without defining clear trigger boundaries or user-consent conditions. In an agent platform, this can cause the skill to be invoked in contexts the user did not explicitly intend, increasing the chance of unsolicited game advice, unnecessary data handling, or overreach into adjacent conversations.

Vague Triggers

Medium
Confidence: 80%
Finding
The activation text is broad enough to trigger on many ordinary game-help requests, which can cause the skill to activate outside clear user intent. Over-broad invocation increases the chance of unneeded access to conversation context and any attached capabilities, especially in a skill that appears to maintain state and progress data.

Vague Triggers

Medium
Confidence: 88%
Finding
Generic trigger phrases like '建议' or '怎么打' are highly ambiguous in normal conversation and could invoke the skill unintentionally during unrelated chats or other games. In context, accidental activation is more concerning because the skill supports state tracking and likely persistence, so unnecessary invocation may capture or retain data users did not mean to submit to this skill.

Missing User Warnings

Medium
Confidence: 93%
Finding
The engine persistently writes user learning progress, including performance history and mistake patterns, to a local JSON file without any visible consent, disclosure, retention policy, or access controls. Even though the data is not highly sensitive in isolation, silent persistence can expose behavioral data to other local users/processes and violates user expectations around transparency and minimization.

VirusTotal

64/64 vendors flagged this skill as clean.
