语义压缩 (Semantic Compression)

Security checks across malware telemetry and agentic risk

Overview

This is a small local prompt-building tool for text compression; its main risk is that it overpromises lossless compression, not that it hides access or behaves maliciously.

Install only if you are comfortable with a best-effort prompt helper rather than a guaranteed lossless compressor. Review any "compressed" output before relying on it, and redact secrets or personal data before saving conversation history to long-term memory.

SkillSpector

By NVIDIA
Vulnerability Patterns (scanner catalog)
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Severity: Medium
Confidence: 90%
Finding
The prompt makes an absolute guarantee of preserving all key information and forbids summarization, but later instructs the model to compress older dialogue by keeping only conclusions, decisions, and key information. The two instructions cannot both hold, so the model may silently drop context, assumptions, constraints, or safety-relevant details from earlier turns. That is dangerous when the compressed output is fed back in as model context for later decisions, because nothing downstream can tell what was lost.

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding
The implementation does not perform semantic compression; it only prepends a fixed instruction prompt to the original text and returns or writes that prompt. Downstream systems may therefore treat the output as already-compressed data, leading to prompt bloat, unexpected token consumption, leakage of the full original content, and incorrect security or cost assumptions.

Intent-Code Divergence

Severity: Medium
Confidence: 91%
Finding
The documentation claims accuracy-preserving semantic compression, but the code never compresses content. A module-level misrepresentation of behavior is security-relevant because integrators may rely on the stated guarantee when handling sensitive or large context, leading to unintended data retention, over-disclosure, or failure of controls that assume reduction has occurred.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill explicitly recommends compressing and saving conversation history to long-term memory, but it gives no warning about retaining potentially sensitive user data, the privacy implications, or consent requirements. In a context-management skill this omission can lead operators to persist personal, confidential, or regulated data longer than intended, increasing privacy and compliance risk.
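The two controls the Description-Behavior Mismatch and Missing User Warnings findings call for can be put in front of any "save compressed history" step. The following is an added example, not code from the SkillSpector report or from the skill itself: a gate that rejects output which merely wraps the input in an instruction prompt (or is not materially smaller than the input), and a redaction pass that runs before anything reaches long-term memory. The sample history, the two compressor stand-ins (`passthrough_compressor`, which mimics the flagged behavior, and `keyword_compressor`, which really does drop lines), the fake token and e-mail, and the secret patterns are all constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed sample conversation; the token and e-mail are fake values made up for this example.
SAMPLE_HISTORY = """\
user: please deploy to prod, here is the token: ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
assistant: Deploying. Note: the staging DB must not be touched (constraint from ops).
user: my email is alice@example.com, ping me when done
assistant: Decision: roll out at 02:00 UTC, notify alice@example.com; assumption: traffic is low then.
"""

INSTRUCTION = ("Compress the following dialogue, keeping only conclusions, "
               "decisions and key information.\n\n")


def passthrough_compressor(text: str) -> str:
    """Hypothetical stand-in for the behaviour the scanner flagged: an instruction
    prompt is prepended and the original text comes back unchanged."""
    return INSTRUCTION + text


def keyword_compressor(text: str) -> str:
    """Hypothetical stand-in for a compressor that actually reduces the text:
    keeps only lines that record a decision, constraint or assumption."""
    keep = ("decision:", "constraint", "assumption:")
    return "\n".join(line for line in text.splitlines()
                     if any(k in line.lower() for k in keep))


@dataclass
class CompressionCheck:
    ok: bool
    ratio: float                     # len(output) / len(original)
    passthrough: bool                # original text reproduced verbatim in output
    reasons: list = field(default_factory=list)


def check_compression(original: str, output: str, max_ratio: float = 0.8) -> CompressionCheck:
    """Reject output that is not materially smaller than its input or that merely
    wraps the input in a prompt, so downstream code cannot mistake it for compressed data."""
    reasons = []
    ratio = len(output) / max(len(original), 1)
    passthrough = original.strip() in output
    if passthrough:
        reasons.append("original text appears verbatim in output (prompt prepended, nothing compressed)")
    if ratio > max_ratio:
        reasons.append(f"output/input length ratio {ratio:.2f} exceeds {max_ratio}")
    return CompressionCheck(ok=not reasons, ratio=ratio, passthrough=passthrough, reasons=reasons)


# Illustrative patterns only; a real deployment would plug in a proper secret scanner.
SECRET_PATTERNS = {
    "github_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}


def redact(text: str) -> tuple[str, dict]:
    """Replace matched secrets/PII with a labelled placeholder; returns the text and per-pattern hit counts."""
    counts = {}
    for name, pat in SECRET_PATTERNS.items():
        text, n = pat.subn(f"[REDACTED:{name}]", text)
        if n:
            counts[name] = n
    return text, counts


def persist_to_memory(original: str, compressor, store: list) -> dict:
    """Gate for a skill's 'save history to long-term memory' step:
    verify real compression, redact, and only then append to the store."""
    output = compressor(original)
    check = check_compression(original, output)
    if not check.ok:
        return {"stored": False, "reasons": check.reasons, "redacted": {}}
    redacted, counts = redact(output)
    store.append(redacted)
    return {"stored": True, "reasons": [], "redacted": counts}


if __name__ == "__main__":
    memory: list = []
    print(persist_to_memory(SAMPLE_HISTORY, passthrough_compressor, memory))  # refused
    print(persist_to_memory(SAMPLE_HISTORY, keyword_compressor, memory))      # stored, e-mail redacted
    print(memory)
```

The verbatim-containment check is what catches the prompt-prepend pattern the scanner describes; a length-ratio threshold alone would also catch it here, but it would not distinguish "wrapped the input" from "compressed badly", and the reason string makes the difference visible to whoever reads the refusal. Redaction runs on the compressed output rather than the raw history so that a compressor which copies a secret into its "key information" still cannot write it to memory.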

VirusTotal

38/38 vendors flagged this skill as clean. Antivirus engines look for known malicious code; a clean result says nothing about the prompt-level and documentation findings above.
