Weekly Report

Security checks across malware telemetry and agentic risk

Overview

This skill is a small weekly-report helper that stores task and report data locally, with some usability and reliability issues but no evidence of hidden or harmful behavior.

Install only if you are comfortable with task names and generated report history being saved locally in the skill directory. Use specific prompts such as “生成周报” when you intend to invoke it, and avoid entering confidential work details unless local storage is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium (98% confidence)
Finding
`addTask` references `lowerMessage`, but that variable is only defined inside `handle` and is out of scope here. In practice, requests that reach this path can throw a `ReferenceError`, causing the skill to fail instead of adding or completing a task. It also does not implement the advertised 'mark complete' behavior and creates a new task instead, which can corrupt task state and break report accuracy.

Vague Triggers

Medium (87% confidence)
Finding
The trigger keywords are broad everyday terms like “总结” and “周报”, which can cause the skill to activate during unrelated conversations. This can lead to unintended handling or persistence of user content, especially since the skill references local storage for tasks and reports.

Natural-Language Policy Violations

Medium (72% confidence)
Finding
The description hard-codes Chinese-language behavior ("周报生成器,自动汇总本周工作") without indicating locale negotiation or user choice. This can cause unintended invocation for users who do not expect Chinese-only output, leading to usability failures and possible misrouting of agent behavior, though the impact is limited because this file contains only metadata and no sensitive execution logic.

VirusTotal

65/65 vendors flagged this skill as clean.
