Auto Content Ops

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Chinese content marketing helper that may run web searches for trends, but it does not install code, request credentials, persist, or actually publish content.

Install if you want Chinese content-operations assistance for trend-based drafts. Review all generated claims and persuasive language before publishing, and do not provide confidential business details for trend searches unless you are comfortable exposing them to search providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger conditions are extremely broad and include generic requests like '帮我写个短视频文案' ("help me write a short-video script") or '最近有什么热点可以追' ("what recent trending topics can I follow"), which can cause the skill to activate for many ordinary conversations beyond the user's clear intent. This increases the chance of inappropriate tool use, unexpected web searches, and response steering into the skill's pipeline when the user did not explicitly ask for full content-operations automation.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
The skill description and trigger behavior are written to operate only in Chinese and do not provide a user-language fallback or explicit locale constraint. While not a direct exploit primitive, this can override user expectations, reduce transparency, and cause incorrect or inaccessible outputs when the user interacts in another language or expects multilingual behavior.

Vague Triggers

High
Confidence: 95%
Finding
The skill’s trigger conditions are so broad that ordinary requests like asking for copywriting or recent trends will automatically invoke the skill, even when the user may not intend to use this workflow. This creates a routing/overreach vulnerability: unrelated conversations can be diverted into web-search-driven content operations, increasing the chance of unintended tool use, irrelevant data fetching, and reduced user control.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The skill description is written to operate in Chinese without offering any language negotiation or fallback, which can override user preference and lead to unexpected behavior. While not a classic security flaw, it is a policy/control weakness because it reduces user agency and can cause the system to mis-handle requests in multilingual settings.

VirusTotal

65/65 vendors flagged this skill as clean.