ClawHub

Yufluentcn Ecommerce Listing

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud e-commerce listing generator that uses a Yufluent API key to send product listing details to its service.

Install only if you intend to use Yufluent's cloud listing service and are comfortable sending product details, keywords, and related listing inputs to that service. Set TOKENAPI_BASE_URL carefully, keep TOKENAPI_KEY private, and confirm the task is actually ecommerce listing generation before running it because use may involve billing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Critical
Category
Data Flow
Content
url = skill_run_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""), skill_id)
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence
83% confidence
Finding
resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Critical
Category
Data Flow
Content
url = agent_outcomes_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""))
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence
83% confidence
Finding
resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrase "优化产品标题" is broad enough to match many generic writing or editing requests, which can cause the skill to activate outside its intended ecommerce-listing scope. In this skill, over-activation is more concerning because the instructions force routing product-copy tasks to a remote Yufluent service using a shared API key, potentially causing unintended data transmission, billing, or workflow hijacking.

Vague Triggers

Low
Confidence
74% confidence
Finding
The phrase "做多语言 Listing" is underspecified and may activate on broad multilingual content-generation requests without confirming platform or listing context. While less severe than the previous trigger, it still increases the chance of accidental invocation and unnecessary transmission of user content to the external cloud execution service.

Unpinned Dependencies

Low
Category
Supply Chain
Content
-e ../../packages/tokenapi-sdk
-e ../../packages/tokenapi-harness
requests>=2.31.0
Confidence
95% confidence
Finding
requests>=2.31.0

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal