ClawHub

美团优惠券

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: log in to Meituan by SMS so it can claim and query Meituan coupons, while storing reusable local account tokens and coupon history.

Install only if you intend to let the skill authenticate to Meituan by SMS, reuse a locally stored Meituan token, and claim or query coupons for that account. Use explicit requests, do not share an SMS code unless you want to log in, and clear the auth/history files or use the documented environment-variable paths if you want isolation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill invokes shell commands, performs network requests, reads environment variables, and writes local files, yet declares no permissions or trust boundaries. This creates an authorization transparency gap: users and the hosting platform cannot accurately assess or constrain what the skill can access, which is especially risky here because the workflow handles authentication tokens, phone numbers, device identifiers, and coupon history.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad and include common terms like coupon, discount, red packet, and food-delivery coupon, making accidental activation likely in ordinary conversation. In this skill's context, unintended routing is more dangerous than usual because activation can lead into authentication, SMS sending, external network calls, and local token handling for a Meituan account.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal