搜爆款作品助手

Security checks across malware telemetry and agentic risk

Overview

This skill is a public-content research workflow with some documentation inconsistencies, but no evidence of hidden access, persistence, credential use, destructive behavior, or data exfiltration.

Install only if you are comfortable with a research assistant that may perform web searches over public platform content. Treat its trend, interaction, and freshness outputs as directional unless links and timestamps are shown, and remind it to stay limited to 公众号、抖音、小红书 if results drift toward other platforms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium (91% confidence)
Finding
The reference guide explicitly includes B站 and 快手 in its platform adaptation section, which conflicts with the skill metadata stating the workflow is limited to 公众号、抖音、小红书. This scope mismatch can cause the agent to operate outside its declared boundaries, leading to policy drift, unreliable outputs, or unintended use of unsupported data sources.

Intent-Code Divergence

Medium (95% confidence)
Finding
The workflow defines conflicting freshness gates: it requires both '近30天内' and '2026年后发布', which can produce inconsistent filtering and arbitrary inclusion or exclusion of results. In a data-mining skill, contradictory validation logic undermines trustworthiness and can cause the agent to present stale, irrelevant, or policy-inconsistent content as verified.

Intent-Code Divergence

Medium (90% confidence)
Finding
The exception path instructs the agent to provide 'general analysis based on existing knowledge' when search is unavailable, even though the rest of the skill repeatedly requires only recent, verifiable data from three approved platforms. This creates a silent downgrade from evidence-based output to unverifiable synthesis, increasing the risk of hallucinated claims, stale information, and misleading users about data provenance.

Intent-Code Divergence

Medium (90% confidence)
Finding
The skill metadata says the workflow is limited to 公众号、抖音、小红书, but the keyword template instructs searches for 快手 and B站 as well. This creates a scope-control failure: an agent following the guide may access or process unintended platforms, producing outputs outside the declared capability and policy boundary.

VirusTotal

62/62 vendors flagged this skill as clean.
