ClawHub

Yufluentcn Chat Assist

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud client for drafting ecommerce customer-service replies, and I found no hidden sending, persistence, destructive behavior, or automatic platform access.

Install only if you are comfortable sending buyer messages and any order or tracking context you provide to Yufluent's cloud service. Avoid pasting unnecessary personal data, review every generated draft before sending, and consider tightening invocation prompts around ecommerce buyer-message scenarios.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list contains very broad, everyday phrases such as '写个英文回复', '客服怎么回', and 'refund request', which can match many unrelated conversations and cause the skill to activate unexpectedly. Because this skill sends buyer messages to a cloud endpoint and produces ready-to-send customer service text, accidental activation can expose order or customer context and lead to inappropriate or policy-sensitive replies being generated in the wrong context.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script sends buyer messages and optional order/order-tracking context to a remote API via run_skill(), but this file provides no disclosure, confirmation, or minimization before transmitting potentially sensitive customer data. In a customer-support context, order identifiers, logistics status, and freeform buyer text can contain personal or transactional information, creating privacy and compliance risk if users are unaware of external processing.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The function transmits arbitrary payload data and an API bearer token to a remote service, but the module provides no user-facing disclosure or consent mechanism. In a skill context, this can cause users or operators to unknowingly send sensitive prompts, files, or derived secrets off-box to a third-party API.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The outcome-reporting helper posts potentially sensitive outcome or telemetry data to a remote endpoint without any explicit disclosure in code or interface. In an agent skill, silent telemetry export can expose user activity, model outputs, or other sensitive operational data to an external service.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal