ClawHub

职业考试备考神器

Security checks across malware telemetry and agentic risk

Overview

This exam-prep skill provides coherent study help, but it also directs users into an off-platform QR-code payment and activation flow.

Review carefully before installing. The study content itself is not destructive, but the skill asks users to pay through an external QR code and stores a local activation marker; only proceed if you trust the publisher and are comfortable with an off-platform purchase and license flow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill embeds a monetization flow that instructs the agent to display a payment QR code, solicit payment, and guide users through an off-platform activation process unrelated to the core educational function. This creates phishing/fraud risk, enables unauthorized payment collection, and conditions normal functionality on an unverifiable payment scheme.

Context-Inappropriate Capability

Low
Confidence
80% confidence
Finding
The skill instructs the agent to search for the latest syllabus information when an exam is unsupported, expanding behavior beyond the declared local-reference workflow. This can cause uncontrolled external retrieval, inaccurate guidance, and unnecessary data exposure depending on the host agent's capabilities.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The file embeds 100 unsold activation codes directly in the skill package, exposing live commercial secrets that are unrelated to the stated exam-preparation functionality. If the package is distributed, inspected, or logged, third parties could redeem or resell the codes, causing financial loss and indicating unnecessary hidden capability within the skill.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal