校园学习空间决策助手 (Campus Study Space Decision Assistant)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent campus study-space recommendation skill with a clearly demo-only web app, but its sample login/admin controls should not be reused as real security.

Install this only as a classroom recommendation aid using bundled sample data. Verify room availability with the school's official system or posted notices, and do not deploy the included demo login/admin page as a real application without replacing it with server-side authentication and authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium, 95% confidence
Finding
The file exposes privileged state-changing functionality entirely on the client side and pairs it with hardcoded admin credentials visible in the HTML. Even though this is labeled as a demo, any user who loads the page can log in as admin and change room availability, which breaks integrity of recommendations and normalizes unsafe authorization design if reused in production.

Context-Inappropriate Capability

Medium, 99% confidence
Finding
The code hardcodes credentials for both a student and an admin account directly in client-side JavaScript, including an easily guessable admin password. Anyone with access to the page source can recover the credentials and log in as admin, making the admin role effectively public.

Vague Triggers

Medium, 80% confidence
Finding
The phrase 'and similar expressions' makes the activation boundary ambiguous, which can cause the skill to trigger on loosely related prompts. Over-broad activation can lead to unintended handling of user requests, incorrect tool/data access, and reduced user control over when this skill is invoked.

Vague Triggers

Medium, 84% confidence
Finding
The activation conditions are broad enough to match generic requests for quiet places or study locations without clearly distinguishing campus-classroom search from other venue recommendations. This can cause the agent to invoke the skill in the wrong context, producing misleading outputs or unnecessary access to referenced campus data.

VirusTotal

VirusTotal findings are pending for this skill version.
