ClawHub

China

Security checks across malware telemetry and agentic risk

Overview

This is a China travel-planning skill that stores trip preferences locally and shows no evidence of hidden networking, exfiltration, or destructive behavior.

Install only if you are comfortable with the agent keeping China trip details in ~/china/memory.md. Avoid storing passport numbers, full booking confirmations, ticket numbers, account links, or other sensitive travel documents there, and review or delete that file when you no longer need the saved context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
82% confidence
Finding
The template explicitly includes a 'Confirmation' field for bookings, which can encourage users or downstream agents to store reservation identifiers or related travel details in persistent memory. While not inherently secret like passwords, booking confirmations can still expose personal itinerary data and may be usable for social engineering, account lookups, or unwanted disclosure if memory is shared or retained broadly.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to create and maintain a persistent local memory file containing user travel preferences and constraints, but it provides no user-facing notice, consent step, retention policy, or guidance on what data should be excluded. Even though the purpose is convenience and personalization, silent persistence of potentially sensitive personal data (travel dates, mobility needs, dietary restrictions, budget constraints) creates a privacy and data-governance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal