Five Dynasties Ten Kingdoms Article

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a Chinese writing/history guidance skill with a language-preference limitation, not a security threat.

Installers should know this skill may force Simplified Chinese even when another language or Traditional Chinese is preferred. Use it when that matches your needs, and ask the agent explicitly to follow your requested language/script if needed.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (3)

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill metadata and description hard-code Simplified Chinese output without indicating that the language/script should follow user preference. This can cause the agent to ignore a user's requested language or script, reducing user control and potentially leading to unsafe mismatches in multilingual contexts, but it is not a direct code-execution or data-exfiltration issue.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
The writing goals explicitly require Simplified Chinese as a mandatory output format, with no opt-in or override path for the user. This is a policy/control weakness because it can force output that conflicts with user intent or accessibility needs, though the surrounding history-writing context makes the risk operational rather than security-critical.

Natural-Language Policy Violations

Low
Confidence: 89%
Finding
The style guidance prohibits mixed Traditional characters and reinforces a fixed script policy, which can cause the agent to reject or override legitimate user preferences. In this content-generation skill, that creates a user-choice and localization issue rather than a severe security vulnerability, and the historical-writing context does not materially increase exploitability.

VirusTotal

63/63 vendors flagged this skill as clean.
