人人商城龙虾助手

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ecommerce store assistant that uses the user's own API key to query and manage store data, including sensitive customer data, without evidence of hidden data sharing or deceptive behavior.

Install only if you trust the skill with live store access and customer/order data. Use the least-privileged API key available, verify RR_CLAW_BASE_URL before use, avoid pasting credentials into chat, limit member and phone-number lookups to real business needs, and manually review every action that changes orders, products, coupons, or shipping settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings
Medium, 89% confidence
Finding
The document exposes member search capabilities over highly sensitive personal data fields such as nickname, real name, mobile number, member ID, account balance, and order history without any stated access-control, minimization, masking, or privacy-handling requirements. In this skill context, the agent is explicitly designed for querying member data, which makes the omission of privacy safeguards more dangerous because it normalizes broad retrieval of personally identifiable and commercially sensitive information.

Missing User Warnings
Medium, 93% confidence
Finding
The phone-number-to-member-ID lookup endpoint enables direct correlation of a personal phone number to an internal account identifier with no documented warning, throttling, authorization constraint, or anti-enumeration guidance. In an order/member-management skill, this is particularly risky because it can facilitate user enumeration, privacy violations, and chaining into broader account-data retrieval via the documented member detail endpoints.

Missing User Warnings
Medium, 91% confidence
Finding
The documentation includes a concrete `mobile` field in the member consumption ranking response example, which signals that phone numbers may be returned and handled during analytics queries. Exposing personal contact data in a statistics endpoint without any privacy notice, minimization guidance, or access-control caveat increases the risk of unnecessary PII collection, overexposure to operators, and downstream logging or leakage.

VirusTotal

56/56 vendors flagged this skill as clean.