Birthday Insights Lookup Service (AI Pay Edition) - Juhe Data

Security checks across malware telemetry and agentic risk

Overview

This is a coherent paid birthday lookup skill, but it needs review because its payment consent text inaccurately describes what data is sent and some paid-service triggers are too broad.

Review before installing. The skill appears to perform the advertised paid birthday lookup, but the publisher should fix the pre-payment notice to say that the queried date is sent to Juhe, not an image prompt, and narrow activation so generic astrology/personality questions do not accidentally enter a paid workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The payment disclosure states that an image description/prompt will be sent to the backend, but the skill actually sends the user's queried date. This is a data-transparency and informed-consent failure: users are told the wrong thing at the exact point where consent for paid processing is requested, which can invalidate meaningful consent and mislead users about what data leaves the agent.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger conditions are broad enough to activate on generic horoscope/personality requests even when the user did not clearly request this paid birthday-specific service. In a paid skill, overbroad triggering can cause unintended upsell, premature payment prompts, or routing users into a monetized flow without sufficient specificity.

Missing User Warnings

Medium
Confidence: 98%
Finding
The warning shown before payment does not accurately disclose the real data transmission: it references an image prompt instead of the user's queried date. Because this occurs during the payment/consent step, it materially weakens user awareness of what is being sent to the third party and increases privacy/compliance risk.

VirusTotal

VirusTotal findings are pending for this skill version.
