ClawHub

Home Appliance Analyst (家电行业分析师)

Security checks across malware telemetry and agentic risk

Overview

This appliance-analysis skill is mostly a plain reference-and-search skill, but one disinfectant-generator reference contains overconfident safety/use claims that users should review before relying on it.

Install only if you are comfortable with a Chinese-language appliance research skill that uses web search for current data. Treat disinfectant-generator guidance as unverified product reference material, not safety advice; check manufacturer labels and authoritative public-health or regulatory sources before making or applying disinfectant solutions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description is extremely broad and includes generic triggers like '分析', '报告', '查询', and many appliance-related topics, making it likely to activate on loosely related user requests. Over-broad triggering can cause the wrong skill to take control, leading to irrelevant web searches, unintended tool use, and reduced safety because the model may follow this skill's domain assumptions when the user did not intend appliance-industry analysis.

Natural-Language Policy Violations

Medium
Confidence
75% confidence
Finding
The skill is written entirely in Chinese and does not specify language negotiation or fallback behavior, so it may respond in an unexpected language for non-Chinese users. This is primarily a safety and usability issue: users may misunderstand compliance, pricing, or technical guidance, and that misunderstanding is more consequential here because the skill discusses standards, certifications, and product analysis.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The document gives practical instructions and favorable claims for generating disinfectant solution from salt and water, but omits key safety warnings about chlorine-related off-gassing, concentration uncertainty, material compatibility, ventilation, and safe application limits. In a consumer-facing home-appliance skill, this can encourage unsafe DIY chemical generation and misuse on food-contact items, skin, enclosed spaces, or when mixed with other cleaners.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal