Security audit

tuotuo-10agents

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese office-writing assistant skill with broad routing language, but it is only a Markdown instruction/template file and shows no hidden access, code execution, persistence, or data exfiltration.

Install this if you want a Chinese-language business writing and productivity assistant. Be aware it may activate for many generic writing, summarizing, or organizing requests, so users who prefer another language, tone, or narrower routing should state those preferences explicitly or adjust invocation rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High (97% confidence)
Finding
The activation rule is extremely broad ('只要老板需要帮我写点什么/整理点什么,立即触发本skill', in English: "whenever the boss needs help writing or organizing anything, trigger this skill immediately") and effectively forces invocation for many ordinary requests. This can cause frequent skill collisions, override more appropriate tools or safer workflows, and steer the agent into a pre-scripted persona without confirming user intent. In this context, the danger is increased because the skill claims mandatory use across a wide class of common productivity tasks, making unintended activation likely.

Natural-Language Policy Violations

Medium (90% confidence)
Finding
The skill description mandates a specific language/locale/persona style ('老板' ("boss"), '妥妥', Chinese business-assistant tone) without asking for user preference. This can lead to unwanted language switching, incorrect locale conventions, or inappropriate tone in contexts requiring another language, register, or audience. The context makes it somewhat more concerning because the skill is configured for broad automatic activation, so users may be pushed into this style unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.