国际关系辅助 (International Relations Aid)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to advertise policy or international-relations analysis while bundling unrelated local file-processing behavior that users would not reasonably expect.

Review this skill carefully before installing. It does not show clear evidence of malware, but the packaged capabilities appear broader than the advertised purpose; install only if you understand and want the local file-processing behavior, and prefer a version that documents its file access and narrows its triggers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 85%
Finding:
The skill is documented as a pure international-relations analysis aid, yet static analysis detected file read/write capabilities without corresponding permission declarations. Hidden filesystem access expands the attack surface because the skill could access or modify local data in ways users and reviewers do not expect, especially if later wired into agent tooling.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 94%
Finding:
This is a clear description-behavior mismatch: a policy-analysis skill appears to include unrelated capabilities for aggregating research files, regex-checking SKILL.md, and converting subtitle files. Such undisclosed functionality is dangerous because it can conceal data collection or file-processing behavior under an innocuous academic description, undermining informed consent and security review.

Description-Behavior Mismatch

High
Confidence: 96%
Finding:
The code's functionality is unrelated to the declared skill purpose of international relations analysis, which indicates a capability mismatch between the advertised skill and the actual implementation. This is dangerous because it can conceal unauthorized file-processing behavior inside a seemingly unrelated skill, undermining trust, review, and least-privilege expectations.

Vague Triggers

Medium
Confidence: 80%
Finding:
Overly broad trigger phrases can cause the skill to activate during ordinary conversation, invoking analysis pathways when the user did not intend to use this skill. While not directly a data-exfiltration issue, over-triggering increases exposure to any hidden capabilities and can route benign chats through a more privileged or behaviorally complex skill.

VirusTotal

VirusTotal findings are pending for this skill version.