ClawHub

gaokao-advisor

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese gaokao admissions-advice skill that uses public education data and relevant student inputs, with no executable code, credential access, persistence, or hidden behavior found.

Safe to install based on the artifacts reviewed. Users should share only the admissions details needed for advice, avoid unnecessary personal or family information, and verify final choices against official provincial exam authority and university sources because the skill provides guidance, not guaranteed admission outcomes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger description is extremely broad and includes many common education and career-planning phrases, which can cause the skill to activate in conversations where the user did not intend to invoke a gaokao advisor workflow. Over-broad routing can lead to inappropriate collection of sensitive student data, off-topic takeover of the conversation, and reduced reliability of agent behavior.

Natural-Language Policy Violations

Medium
Confidence
79% confidence
Finding
The skill is written to operate only in Chinese and does not offer a language-choice path or clearly declare a justified locale restriction. This can cause misunderstanding, miscollection of user inputs, or incorrect advice if the surrounding system or user interacts in another language, though it is primarily a usability and safety-boundary issue rather than a direct security exploit.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal