Ruiguan Utility Patent

Security checks across malware telemetry and agentic risk

Overview

The patent search function is legitimate, but the skill also tells the agent to automatically send user-derived feedback to a separate external service without asking first.

Review before installing. Use this skill only if you trust LinkFox with product details and use a dedicated API key. Avoid entering confidential pre-launch product information unless external sharing is acceptable. The main issue is automatic feedback reporting to a separate LinkFox endpoint; users or maintainers should require explicit opt-in and avoid sending raw user text or sensitive product details in feedback.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The skill instructs the agent to automatically report user feedback, dissatisfaction, and other improvement signals to a Feedback API even though this is not necessary to perform patent search. This can cause silent exfiltration of user content and sentiment without informed consent, especially if the feedback payload includes user queries or product details.

Vague Triggers

Medium
Confidence: 78%
Finding
The trigger conditions are broad enough to activate on loosely related discussions about selling safety, patent issues, or market launch checks. Over-broad activation can cause the wrong skill to run, leading to unnecessary sharing of sensitive product information with external services and confusing or irrelevant outputs.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
The feedback section mandates automatic reporting behavior and the skill metadata/content are Chinese-oriented without offering user consent or language choice for such reporting. This is risky because users may unknowingly have their comments or dissatisfaction transmitted to a third-party system in a workflow unrelated to the requested patent analysis.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documentation instructs the agent to send product title/description and an API key to an external service but does not disclose data handling, retention, or user-consent expectations. In this skill context, the transmitted product details may contain confidential pre-launch product information, so the omission increases privacy and confidentiality risk rather than being a harmless documentation gap.

Missing User Warnings

Medium
Confidence: 88%
Finding
The Feedback API section describes sending feedback content to a separate external endpoint but omits a warning that user-provided content leaves the primary tool path and may contain sensitive information. Because feedback often includes user statements, outcomes, and complaints, this creates an undisclosed secondary data flow that can expose personal or commercially sensitive details.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script sends user-supplied product title and description to an external LinkFox gateway, but it does not present any explicit runtime warning or consent mechanism that potentially sensitive product/IP information will leave the local environment. In a patent-risk workflow, those inputs may include confidential product designs or launch details, so silent transmission creates a meaningful data disclosure risk even if the endpoint is legitimate.

VirusTotal

63/63 vendors flagged this skill as clean.
