Security audit

SKU对比分析 (SKU Comparison Analysis)

Security checks across malware telemetry and agentic risk

Overview

This is a read-only retail SKU analytics skill, but it depends on local API/client code and can expose sensitive store and clerk performance data during analysis.

Install only in a trusted retail workspace. Before using real data, verify the local API client and referenced sku-store-analysis skill are trusted, and use an account scoped to the stores and SKU data you intend to analyze. Expect results and console output to include sensitive sales, inventory, AIoT conversion, and clerk performance details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium (92% confidence)
Finding
The skill imports another local skill module (`sku-store-analysis`) even though this file does not use it for its stated comparison-only functionality. Unnecessary cross-skill access expands the trust boundary and creates a supply-chain-style dependency risk: a modified imported skill could execute code at import time or expose capabilities unrelated to this skill's purpose.

Context-Inappropriate Capability

Medium (95% confidence)
Finding
The code prepends hardcoded developer-local filesystem paths to `sys.path`, allowing imports from arbitrary local directories outside the skill package. This weakens module integrity, makes behavior environment-dependent, and can enable unintended or malicious module loading if those paths contain altered code or are writable by others.

Vague Triggers

Medium (90% confidence)
Finding
The trigger conditions are broad enough to match common product-comparison requests, which can cause the skill to activate when the user did not explicitly intend SKU analytics. In an agent environment, over-broad routing can expose store- or SKU-level business data unnecessarily and lead to inappropriate tool use on ordinary conversational queries.

VirusTotal

61/61 vendors flagged this skill as clean.