batch-id

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform its advertised Tencent Cloud ID-card OCR task, but it handles full government-ID data in bulk without enough privacy, consent, or output-handling safeguards.

Review carefully before installing. Use this only for IDs you are authorized to process, only where Tencent Cloud OCR is acceptable for your privacy and compliance requirements, and treat the generated .txt file as highly sensitive. Prefer a dedicated least-privilege Tencent key, add explicit user consent and retention controls, and consider masking ID numbers or avoiding plaintext file export.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
This skill handles extremely sensitive personal data: ID-card images and extracted identity fields. The documentation promotes batch processing and downloadable text export, but does not clearly warn users that images and extracted PII are transmitted to Tencent Cloud OCR and then returned in a potentially easy-to-share plaintext file, which materially increases privacy, consent, and data-handling risk.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
The code sends highly sensitive personal data from ID cards to Tencent Cloud OCR by passing user-supplied image URLs to a third-party cloud service, but it provides no explicit notice, consent flow, or data-handling disclosure. Because ID-card data is extremely sensitive PII, silent transmission to an external processor creates meaningful privacy, compliance, and unauthorized disclosure risk.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The skill writes extracted ID-card details, including name, sex, and ID number, into a local temporary file without warning the user that sensitive data will be stored on disk. Even in /tmp, this increases exposure through unintended retention, mishandling by downstream components, or access by other processes or platform features that can read or forward the file.

Vague Triggers

Severity: Medium
Confidence: 74%
Finding:
The description advertises bulk extraction of sensitive national ID data from up to 50 identity-card images and automatic delivery as a text file, but it does not define any authorization, ownership, consent, or usage constraints. Because this is a high-risk PII workflow, the broad invocation scope materially increases the chance of misuse for mass identity harvesting or unauthorized processing.

VirusTotal

66/66 vendors flagged this skill as clean.