ClawHub

营销全链路执行引擎

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese marketing-planning skill with mostly instructional templates and no evidence of hidden execution, credential use, data exfiltration, or destructive behavior.

Installers should treat this as a marketing-strategy assistant, not an automation tool. When using its private-channel or community-conversion templates, add explicit user opt-in, minimize personal data collection, follow platform rules, and avoid unsolicited outreach.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger phrases are very broad and likely to match ordinary user requests such as asking for analysis, copywriting, or strategy help. In agent environments, overbroad activation can cause the skill to hijack unrelated conversations, override more appropriate specialized skills, or inject large amounts of prescriptive behavior into normal chats, which can degrade reliability and create unintended prompt-scope expansion.

Natural-Language Policy Violations

Medium
Confidence
76% confidence
Finding
Forcing Chinese-language interaction without user opt-in can cause the skill to seize control of output language and reduce user comprehension, reviewability, and safe oversight. While not directly enabling code execution or data theft, it can conceal behavior from users or downstream reviewers in mixed-language environments and increase the chance of misuse or incorrect decisions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The template explicitly recommends moving users into private channels such as WeChat or groups for later conversion, but provides no privacy notice, consent step, data-handling boundary, or platform-compliance guidance. In a marketing execution skill, this can facilitate collection of personal contact data and off-platform solicitation without adequate user awareness, increasing privacy, spam, and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal