Anime Semantic Recommender

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk anime recommendation skill with mostly usability and privacy-notice caveats around optional experimental features.

Install this if you want Chinese-oriented anime recommendation help. Be aware it may answer in Chinese and may activate on broad anime preference questions. Do not use the experimental local CLI/cache/feedback features unless you are comfortable with local storage of watch history, preference feedback, API cache data, and possible Bangumi/AniList tokens, and review the repository’s implementation before providing credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The activation criteria are broad enough to match many ordinary anime recommendation requests, including nuanced taste, similarity, refinement, and avoidance preferences. In an agent-routing context, this can cause over-invocation of the skill, leading to unnecessary tool use, source fetching, or response shaping that overrides simpler default behavior.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
The skill mandates Chinese-first behavior without checking the user's language preference. This can degrade usability, cause incorrect language selection, and create unwanted behavior when the surrounding system or user expects another language, especially in multilingual environments.

Missing User Warnings

Medium
Confidence: 86%
Finding
The plan explicitly states that sensitive local data such as viewing history, preference feedback, and Bangumi/AniList tokens will be stored, but it does not pair that design with any concrete privacy notice, retention controls, access restrictions, or token-protection measures. In a local CLI/skill context this is not remote code execution, but it is still a real privacy/security weakness because compromise of the local machine, accidental backups, logs, or repository inclusion could expose behavioral data and API credentials.

VirusTotal

63/63 vendors flagged this skill as clean.
