ClawHub

专业彩票助手

Security checks across malware telemetry and agentic risk

Overview

This lottery helper is not clearly malicious, but it requests broad command access and can process uploaded ticket images through an external MCP service, so it should be reviewed before installing.

Install only if you trust your mcporter setup and the amcjt-mcp-server endpoint. Avoid uploading ticket images or lottery data you would not send to that service, and do not run troubleshooting commands that modify MCP configuration or print/inline real API keys unless you understand the impact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill grants broad shell execution via `Bash(node:*)`, `Bash(npx:*)`, and `Bash(mcporter:*)`, which exceeds the narrow needs of a lottery assistant and enables arbitrary command execution, package fetching, and configuration changes. In this context, the documentation also explicitly instructs configuration-management operations such as adding/importing MCP servers, increasing the chance that a prompt or compromised downstream tool could pivot into system or supply-chain abuse.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger set includes very broad keywords like `彩票`, `开奖`, `中奖`, and `lottery`, which can cause the skill to activate in unrelated conversations and expose users to unintended tool use. Because the skill has powerful shell-capable tools, accidental invocation is more dangerous here than in a purely read-only skill.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Triggering on any uploaded image is overly broad and can cause the skill to process unrelated files, potentially sending arbitrary local file paths to external OCR/MCP infrastructure without clear user intent. In this skill, image handling is coupled to filesystem path usage and external tool calls, so ambiguous activation increases privacy and unintended data-processing risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal