ClawHub

ZeeLin 闲鱼自运营

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Xianyu marketplace assistant that can use a logged-in browser session, with safeguards requiring drafts and confirmation before account-affecting actions.

Install this only if you want an agent to view and operate your logged-in Xianyu web session. Keep confirmation enabled, review the selected chat, item, price, and final text before approving sends or publishes, and avoid direct batch sending for disputes, high-value items, or unclear conversations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger keywords are broad enough to activate on ordinary discussion of second-hand trading, customer service, or listing help, which can cause unintended invocation of browser-assisted commerce actions. In a logged-in marketplace context, accidental activation increases the risk of acting in the wrong conversation, generating inappropriate commercial responses, or initiating page operations the user did not clearly request.

Vague Triggers

Low
Confidence
88% confidence
Finding
Ambiguous invocation guidance without explicit non-trigger conditions makes it unclear when the skill should stay dormant, increasing the chance that the agent engages in account-affecting workflows based on weak or incidental mentions. Because this skill is designed for logged-in web sessions and message handling, unclear boundaries materially raise the risk of unintended replies, edits, or navigation in a live seller account.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal