Competitor Analysis Tool (竞品分析神器)

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward competitor-analysis report tool, with expected but important privacy considerations around API use and saved reports.

Install only if you are comfortable with deep-analysis mode sending your product, market, strengths, and competitor details to the configured OpenAI-compatible API. Do not set OPENAI_BASE to an endpoint you do not trust, and keep the output directory private if reports contain confidential business strategy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Tainted flow: 'OPENAI_BASE' from os.environ.get (line 31, credential/environment) → requests.post (network output)

Critical
Category
Data Flow
Content
log(f"  调用 {OPENAI_MODEL} 分析 {len(competitors)} 个竞品...")

    try:
        resp = requests.post(
            f"{OPENAI_BASE}/chat/completions",
            headers={
                "Authorization": f"Bearer {OPENAI_API_KEY}",
Confidence
97% confidence
Finding
resp = requests.post( f"{OPENAI_BASE}/chat/completions", headers={ "Authorization": f"Bearer {OPENAI_API_KEY}", "Content-Type": "applica

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises capabilities implying environment access, file writing, and network use, but does not declare permissions or present any trust boundary to the user. That creates a transparency and consent problem: users may provide sensitive business inputs without understanding they can be stored locally or transmitted externally.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README encourages use of an API key for full analysis but does not clearly disclose that user-supplied product, competitor, strengths, and market information may be transmitted to a remote LLM endpoint. In a business-analysis tool, these inputs can contain confidential strategy or market plans, so the omission creates a real privacy and data-handling risk even if the transmission is expected by the implementation.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The description is broad and input-driven, with no clear trigger boundaries, exclusions, or conditions for activation. This can cause over-invocation or unexpected use on sensitive business prompts, increasing the chance that confidential strategy or market data is processed or persisted without deliberate user intent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that all reports are automatically archived, but does not warn users that the archived material may contain sensitive business plans, competitor intelligence, or strategic assessments. Persistent local storage increases exposure through unauthorized access, backups, syncing, or later reuse beyond the user's expectation.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The documentation encourages use of an OpenAI API key for deep analysis but does not disclose that user-supplied product, competitor, and strategy data may be transmitted to a third-party network service. This is a data disclosure risk because business-sensitive inputs may leave the local environment without informed consent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The tool transmits user-supplied product, strengths, market, and competitor information to an external LLM API, but the user is not clearly warned at execution time that their data leaves the local environment. This creates a privacy and confidentiality risk, especially because competitor analysis may include sensitive strategic business information.

VirusTotal

66/66 vendors flagged this skill as clean.
