ClawHub
Back to skill

Security audit

报告双通道智能推送

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says by sending reports to QQ Mail and a push service, but it handles credentials and report data too loosely for automatic installation.

Install only if you are comfortable giving the skill QQ Mail SMTP credentials and a push-service token, and assume report content will leave your environment. Before using it for sensitive reports, change the PushPlus endpoint to HTTPS, clarify the supported push provider, require explicit confirmation for each send, and fix the script path mismatch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
84% confidence
Finding
This script transmits report data to external services by design, but it provides no explicit in-file disclosure, consent, classification checks, or safeguards against sending sensitive report contents off-system. In an agent skill context, that increases the chance of unintentionally exfiltrating confidential analysis results to email and a third-party push provider.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill is user-invocable and includes broad trigger phrases such as '发送报告', '推送结果', '通知我', and '把报告发给我', which can overlap with normal conversational language. In a skill that performs outbound actions to WeChat and email, unintended invocation could cause accidental exfiltration of report contents or spammy repeated delivery to configured external destinations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.