China Marketing Copilot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent China 3C marketing knowledge-base skill with disclosed data-processing helpers and no evidence of malware, credential access, exfiltration, or deceptive behavior.

Install this if you want China-market 3C marketing assistance. Be aware that it may steer broad ideation or review requests into a China consumer-electronics framing, and use explicit prompts or confirmations before letting it process local files or update knowledge-base content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger phrases listed for capabilities are very broad, for example generic requests like '帮我想几个创意' (help me come up with a few creative ideas) or '做个传播方案' (put together a communications plan), and could cause the skill to activate for ordinary brainstorming or analysis requests beyond the intended China 3C marketing scope. This can lead to unintended routing, inappropriate use of the skill's domain-specific instructions, and increased exposure to prompt-confusion or overreach when the user's request is only loosely related.

Vague Triggers

Medium
Confidence: 82%
Finding
The sub-agent triggers are underspecified, using vague phrases like '处理新数据' (process new data) or '帮我检查/审核' (help me check/review) without clear guardrails on data type, authority, or task boundaries. Ambiguous delegation conditions can cause unnecessary or incorrect sub-agent invocation, increasing the risk of misprocessing user content, scope drift, or chaining errors across agent components.

Vague Triggers

Medium
Confidence: 91%
Finding
The default prompt uses a broad natural-language trigger ('Use $china-marketing-copilot to create...') without clear boundaries on when the skill should be invoked or what user consent is required. In combination with implicit invocation, this can cause the agent to steer unrelated requests into this skill’s domain, introducing unintended context, locale assumptions, and potentially misleading outputs.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The skill metadata hard-codes a China-specific language and market context in the display name, description, and default prompt without any opt-in or justification mechanism. If invoked implicitly, the agent may answer in a China-specific framing even when the user did not request that locale, which can cause inappropriate recommendations, policy mismatches, or user confusion.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger conditions are broad enough to activate on ordinary user phrases like '处理新数据' (process new data) or merely the presence of new raw files in the working directory, which can cause this subagent to run unexpectedly. In an agentic workflow, unintended activation can lead to processing the wrong files, overwriting knowledge-base artifacts, or propagating unreviewed data into downstream decision-making.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger conditions are broad enough to activate this adversarial subagent for ordinary requests such as 'help me check' or 'is this reliable,' which can cause unintended routing and over-application of a highly skeptical review mode. In this marketing-copilot context, that can distort normal assistance, create unnecessary compliance blocks, and increase the chance that user content is treated as formal high-risk material when it is not.

VirusTotal

64/64 vendors flagged this skill as clean.