Lowcode Module Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed low-code generator that creates backend, frontend, and SQL scaffolding, with no evidence of hidden commands, credential access, persistence, or exfiltration.

Before installing or running this skill, confirm the backend, frontend, and SQL output paths in src/config.json or provide explicit paths in your request. Review the generated code and init.sql before committing or applying them, especially when layout keywords or Chinese text conversion could change the intended module structure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence: 88%
Finding
This skill is a code generator that writes backend code, frontend assets, and SQL into configured project paths, but the description does not clearly warn the user that files may be created or placed in repository locations derived from configuration or natural-language overrides. In an agent setting, this can lead to unintended modification of application source trees or database-init locations, especially because the workflow strongly encourages automatic path resolution and output generation.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The skill hard-requires Simplified Chinese output without presenting this as a user-selectable preference or a documented necessity. While not a classic exploit primitive, this is a policy and usability weakness because it can override user intent, reduce transparency, and cause generated artifacts or prompts to diverge from the user's requested language context.

Natural-Language Policy Violations

Medium
Confidence: 90%
Finding
Mandating conversion of Traditional Chinese input into Simplified Chinese overrides the user's original content before generation, which can alter semantics, names, or compliance-sensitive text. In a code-generation workflow that derives identifiers, comments, and schema artifacts from user input, forced normalization increases the risk of producing incorrect or unauthorized outputs without explicit user approval.

Missing User Warnings

Medium
Confidence: 87%
Finding
The example explicitly instructs the agent to read configuration values that include backend/frontend code generation paths and then generate files into those locations, but it does not mention any safety controls such as path validation, sandboxing, dry-run preview, overwrite protection, or explicit user confirmation. In a code-generating skill, this can enable unintended filesystem writes or destructive overwrites if config values are misconfigured, attacker-influenced, or point to sensitive project locations.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill auto-enters a generation flow whenever user input contains broad words like "页签" or "标签页", with no requirement for stronger structural signals or confirmation. In a code-generation agent, overly broad triggers can cause unintended skill activation, producing the wrong code path or allowing adversarial phrasing in otherwise unrelated requests to steer behavior.

Vague Triggers

Medium
Confidence: 89%
Finding
The recognition section treats common descriptive phrases like "右侧详情" or references to basic/history tabs as sufficient indicators, but these phrases are common in normal UI discussions and are not uniquely tied to this skill path. That makes misrouting likely, especially in an automated low-code generator where prompt interpretation directly controls generated artifacts.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger condition is overly broad: any user input merely containing the phrase “左右布局” can automatically route execution into this generation flow without stronger intent validation or exclusion rules. In a code-generation skill that writes frontend/backend artifacts and targets a configured microservice path, unintended triggering can cause incorrect code generation, workflow confusion, or file writes in the wrong operational context.

VirusTotal

65/65 vendors flagged this skill as clean.
