Web-Wide Trending Search Rankings Lookup - Juhe Data

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it sends the required Juhe API key over plain HTTP, which can expose the key on the network.

Review before installing. Use this only if you are comfortable providing a Juhe API key, and avoid running it on untrusted networks unless the endpoint is changed to HTTPS and verified. Prefer storing the key in a protected environment variable rather than a local .env file, and rotate the key if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill declares no explicit permissions, yet the documentation clearly instructs use of environment variables, local file access via scripts/.env, and outbound network requests to a third-party API. This creates a transparency and least-privilege problem: reviewers and users may not realize the skill can read credentials and communicate externally, increasing the chance of unintended data exposure or unsafe execution in an agent environment.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases are very broad everyday language such as '查热搜', '看热搜榜', and '现在什么最火', which can cause accidental invocation in unrelated conversational contexts. In an agent setting, this may lead to unnecessary third-party API calls, unintended sharing of user queries, and surprising behavior without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The user-facing description emphasizes convenience and supported platforms but does not clearly warn that queries are sent to a third-party service, juhe.cn. This lack of disclosure can mislead users about where their requests go and increases privacy risk, especially if their prompts contain personal or sensitive context.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The script sends the API key to the Juhe endpoint over plain HTTP, which exposes the credential to interception or modification by any party on the network path. Because this is a network-enabled skill intended to contact a third-party API, the weakness is directly reachable during normal use and could lead to API key theft or response tampering.

VirusTotal

67/67 vendors flagged this skill as clean.
