火一五权限

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only permission gate that openly restricts skill install and uninstall actions to one hardcoded admin. That design gives it broad control over agent behavior, and it could block users from managing their own skills.

Install only if you intend this workspace to be governed by the hardcoded admin ZhaoBo and you are comfortable with non-admin users being blocked from installing or uninstalling skills. Review the trigger terms and test in a controlled workspace first, because the skill relies on broad message interception and keyword matching rather than a clearly scoped platform permission hook.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill declares itself as a global auto-trigger interceptor without meaningful scope limits, causing it to run across all message flows and influence authorization decisions platform-wide. Broad interception increases the blast radius of logic errors, prompt-triggered misclassification, or abuse, especially because this skill governs permission checks and could incorrectly block or allow sensitive actions such as skill installation or removal.

Vague Triggers

Medium
Confidence: 84%
Finding
The uninstall/install trigger configuration includes very broad keywords such as “安装” and “删除技能/remove skill”, which can cause the permission logic to classify ordinary user requests as skill-management actions even when the user intended something else. In a permission-control skill, ambiguous triggers are security-relevant because they can lead to unintended policy enforcement or misrouting of privileged operations, increasing the chance of authorization mistakes.

VirusTotal

No VirusTotal findings
