Fine-tune Service CN | 模型微调服务

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed paid fine-tuning service listing, not a hidden or autonomous tool, but users should be careful before sharing datasets or paying off-platform.

Install risk from the bundle itself appears low. Treat this as an advertisement for a person’s service: verify the provider, agree on confidentiality and payment terms, and avoid sending private training data, proprietary models, or sensitive business information unless you have appropriate protections in place.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 96%
Finding
The skill is presented as an agent capability for model fine-tuning, but the file only advertises a human-operated paid service, including pricing, contact methods, and off-platform delivery. This mismatch is dangerous because it can be used to solicit payments, exfiltrate user data or proprietary training datasets via private contact, and bypass platform controls by redirecting users to unmanaged external interactions.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The trigger phrases include very broad terms such as '微调', 'fine-tune', 'LoRA', and '训练模型', which can activate the skill in many unrelated contexts. In this case, that broad activation is more dangerous because the skill is not a real technical workflow but a solicitation funnel, increasing the chance that users are unexpectedly redirected into a commercial off-platform engagement.

VirusTotal

66/66 vendors flagged this skill as clean.