双币赢分析

Security checks across malware telemetry and agentic risk

Overview

This BTC/ETH analysis skill is purpose-aligned, but its trading suggestions come from an unknown plaintext web service and should be treated as unverified.

Review the remote data dependency before installing. This skill runs a local Python script that contacts an undocumented HTTP IP address and prints whatever analysis it returns, so do not treat the output as verified financial advice; prefer HTTPS, a documented provider, explicit dependencies, and more precise trigger phrases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 92%
Finding
The invocation phrase is simply '双币赢分析', which is broad enough to trigger the skill in contexts where a user may only be discussing the topic rather than explicitly requesting execution. Because the skill is described as automatically fetching data upon that phrase, an underspecified trigger can cause unintended activation and external data access without clear user intent.

Missing User Warnings

Low
Confidence: 86%
Finding
The skill states that saying the phrase will 'automatically retrieve data', but it does not prominently warn users that external data access will occur at trigger time. This can reduce informed consent and create privacy, cost, or network-side effects if users do not realize the skill performs automatic retrieval.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill makes an outbound network request to a hard-coded external IP address over plain HTTP, with no user disclosure or consent mechanism. This exposes users to undisclosed data transfer and allows the response to be modified in transit by a man-in-the-middle, which is especially risky because the returned content is printed directly to the user.

Vague Triggers

Medium
Confidence: 85%
Finding
The trigger set includes short, generic phrases such as "dualwin", "btc dual", and "eth dual" that can plausibly appear in ordinary finance discussions, making unintended activation more likely. Because this skill executes a local Python program that produces market-analysis and trading advice, accidental invocation could cause unrequested data access or misleading recommendations in a sensitive financial context.

VirusTotal

66/66 vendors flagged this skill as clean.
