Security audit

xuanxuan-10agents

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Chinese-language metaphysics consultation skill with no evidence of hidden execution, persistence, credential use, or data exfiltration.

Install only if you want a Chinese-language metaphysics or fortune-style assistant. Avoid providing unnecessary real names, exact birth details, or other sensitive personal information, and treat any life, health, financial, or relationship advice as entertainment or general reflection rather than authoritative guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence: 97%
Finding:
The trigger definition is explicitly mandatory and very broad, covering loosely defined topics like 周易、风水、命理、运势 (I Ching, feng shui, fate analysis, fortune) and even '只要涉及东方玄学咨询,立即触发本skill' ("whenever a request involves Eastern metaphysics consultation, trigger this skill immediately"). That can cause the agent to invoke this skill for a wide range of user requests without sufficient relevance checks, increasing the chance of incorrect routing, policy bypass of better-suited skills, and collection of unnecessary sensitive personal data such as name, birth date, and zodiac information.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding:
The skill is written to operate entirely in Chinese and presents a fixed persona and output style without offering user language choice. While not a classic security flaw, this can degrade transparency and user comprehension, which matters here because the skill solicits potentially sensitive personal details and gives decision-shaping advice; users who do not read Chinese may misunderstand what data is being requested or how outputs should be used.

VirusTotal

65/65 vendors flagged this skill as clean.