ClawHub

ID Card Number Origin Query - 身份证号码归属地查询

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward ID-card lookup tool, but users should know that full ID numbers may be sent to JisuAPI.

Install only if you are comfortable using JisuAPI for this lookup. Avoid submitting real full national ID numbers unless you have authorization and a clear need; use six-digit prefix or city lookup when that is enough, and keep JISU_API_KEY private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger description includes broad language like 'or similar ID-card-origin questions,' which can cause the skill to activate on loosely related prompts. Because the skill handles highly sensitive personal data and transmits it to a third-party API, over-broad invocation increases the chance of unintended collection and disclosure of ID numbers.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill is designed to send Chinese ID-card numbers to a third-party provider, which is sensitive personal information that can reveal birthplace, birth date, sex, and regional data. Failing to clearly warn the user and obtain informed consent before transmission creates a significant privacy and compliance risk, especially given the sensitivity of national ID data.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill sends a full Chinese national ID number, which is highly sensitive personal data, to a third-party API service. Even though transmission uses HTTPS, the code provides no consent flow, disclosure, minimization, masking, or local-processing alternative, so users may unknowingly expose PII to an external vendor.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal