Doubao Creative Design (豆包创意设计)

Security checks across malware telemetry and agentic risk

Overview

This is a broad but coherent image-design skill made of markdown guidance only, with no evidence of hidden execution, data theft, persistence, or destructive behavior.

Installers should expect this skill to take over many image-generation and image-editing requests, especially Chinese-language creative design workflows. Review its language and routing preferences if you need strict locale preservation or narrower activation, but there is no artifact-backed evidence of malicious behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill description is extremely broad and includes many generic phrases such as image generation, editing, design, posters, covers, diagrams, and educational visuals. In an agent environment, this can cause the skill to activate for a very wide range of ordinary user requests, increasing the chance of unintended routing, over-collection of context, and execution of image workflows when a narrower skill or direct handling would be safer.

Vague Triggers

Medium
Confidence: 91%
Finding
Describing the skill as a 'unified main entry point' for creative image design makes it functionally universal within its domain, which is a routing-risk anti-pattern. This increases the likelihood that the agent will invoke this skill too often, potentially bypassing more appropriate specialized skills, misclassifying user intent, or causing unnecessary tool use and context expansion.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The file mandates Chinese-only visible text behavior for all rendered content, which can override a user's preferred language or locale if the caller does not add its own safeguards. In a routed skill system, this can cause unauthorized instruction dominance, mislocalized output, and user-confusing or policy-inconsistent behavior, especially for multilingual or accessibility-sensitive requests.

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger description is extremely broad and can activate on many generic image or design requests, causing this specialized role/IP workflow to take over when it may not be appropriate. Over-broad routing increases the chance of mis-execution, unnecessary data/tool use, and user-request hijacking into a more constrained workflow than intended.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The file imposes Chinese-language quotation and text-rendering conventions as hard requirements for all rendered text, regardless of the user's preferred language or locale. This can cause unauthorized transformation of user content, degrade output integrity for non-Chinese requests, and create prompt-level instruction conflicts that reduce reliability and policy alignment.

VirusTotal

64/64 vendors flagged this skill as clean.