ClawHub

银行卡类型及归属地查询 - 聚合数据

Security checks across malware telemetry and agentic risk

Overview

This bank-card lookup skill is purpose-aligned, but it automatically sends sensitive card numbers and an API key to a third-party service over insecure HTTP without a clear consent step.

Install only if you are comfortable sending bank-card numbers to Juhe for lookup. Prefer using only the minimum needed digits if the provider supports it, avoid the command-line --key option, and do not use the skill until it requires explicit confirmation and avoids plain HTTP transmission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation indicates it can read environment variables, access local files, and make network requests, yet it does not declare permissions or clearly constrain those capabilities. This weakens reviewability and user trust because a skill that processes sensitive financial data can transmit or read data without explicit disclosure.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger description is broad enough to match common phrases like asking what bank a card belongs to, which can cause the skill to activate unexpectedly in ordinary conversation. In this context, accidental activation is risky because the skill handles highly sensitive financial identifiers and may initiate third-party transmission.

Missing User Warnings

High
Confidence
98% confidence
Finding
The documentation says bank card numbers are sent to a third-party API, but it does not prominently warn users or require consent before transmitting this sensitive financial data. Exposing full card numbers to an external provider without clear notice creates privacy, compliance, and data-handling risks.

Missing User Warnings

High
Confidence
99% confidence
Finding
The AI guidance instructs automatic extraction of 15-19 digit bank card numbers from user messages and immediate querying, without requiring confirmation or warning about sensitive-data processing. This creates a direct path for involuntary collection and third-party disclosure of financial identifiers.

Missing User Warnings

High
Confidence
98% confidence
Finding
The script sends both the bank card number and the API key to a third-party endpoint over plain HTTP in the URL query string. This exposes sensitive financial data and credentials to interception by network attackers and also increases leakage through logs, proxies, and browser/history-style telemetry on intermediate systems.

Credential Access

High
Category
Privilege Escalation
Content
export JUHE_BANKCARDCODE_KEY=你的AppKey

# 方式二:.env 文件(在脚本目录创建)
echo "JUHE_BANKCARDCODE_KEY=你的AppKey" > scripts/.env

# 方式三:每次命令行传入
python scripts/bankcard_lookup.py --key 你的AppKey 6228480402564890018
Confidence
87% confidence
Finding
.env

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal