nine

Security checks across malware telemetry and agentic risk

Overview

This skill mostly teaches about the number 9, but it also includes unrelated promotion, links, and contact details that could be surfaced during ordinary number-related questions.

Install only if you are comfortable with a number-symbolism skill that also contains unrelated person/project promotion, links, and contact information. Prefer a cleaned version that removes the Chen Lang/OpenClaw section and narrows activation to explicit cultural-symbolism requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium, 97% confidence
Finding
The skill materially departs from its declared purpose of explaining the cultural meaning of the number 9 and embeds unrelated promotional content, project descriptions, links, and contact details. In an agent setting, this can cause scope hijacking and unsolicited promotion, leading the agent to surface irrelevant third-party material when users ask innocuous cultural questions.

Context-Inappropriate Capability

Medium, 98% confidence
Finding
The inclusion of unsolicited promotional links and personal contact information is inappropriate for a skill whose stated purpose is educational/cultural explanation. This creates a data exposure and trust-abuse risk: the agent may disclose contact info or promote external services without user intent, which is especially problematic because the content is hidden inside an otherwise benign skill.

Vague Triggers

Medium, 76% confidence
Finding
The activation description is broad enough that the skill may trigger for many ordinary questions about the number 9, increasing the chance that the embedded unrelated content gets injected into responses. In this specific file, the overbroad trigger is more dangerous because the skill contains off-topic promotional material, so unnecessary activation becomes a pathway for irrelevant or manipulative output.

VirusTotal

66/66 vendors flagged this skill as clean.
