ClawHub

唐诗宋词元曲查询 - 即刻数据

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent poetry lookup tool that sends user-directed search terms and a Jike API key to the Jike poetry API.

Install only if you are comfortable using a Jike API key for poetry lookups and sending poem titles, author names, and related query parameters to jikeapi.cn. Keep JIKE_API_BASE_URL unset unless you deliberately trust another endpoint, and use a dedicated low-privilege API key where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tainted flow: 'url' from os.environ.get (line 189, credential/environment) → urllib.request.urlopen (network output)

Critical
Category
Data Flow
Content
"""
    url = f"{API_BASE_URL}{API_PATH_MAP[command]}?{urllib.parse.urlencode({**params, 'appkey': appkey})}"
    try:
        with urllib.request.urlopen(url, timeout=15) as response:
            return json.loads(response.read().decode("utf-8"))
    except urllib.error.HTTPError as exc:
        return {"code": exc.code, "message": f"接口请求失败: HTTP {exc.code}", "data": ""}
Confidence
94% confidence
Finding
with urllib.request.urlopen(url, timeout=15) as response:

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to configure an API key and use a third-party poetry API, but it does not clearly warn that user-supplied queries may be transmitted to an external service. This can create a privacy and data-handling risk because users or calling agents may unknowingly send prompts, names, or other query content off-platform to a vendor.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal