ClawHub

Knowledge Paid

Security checks across malware telemetry and agentic risk

Overview

This skill needs review because its stated purpose appears to reference obtaining paid platform content while its instructions do not clearly limit use to lawful, authorized access.

Review before installing. Only use this skill if the publisher clarifies that it supports lawful learning workflows, official subscriptions, authorized trials, discounts, or user-owned materials. Do not use it to bypass paywalls, scrape paid courses/articles, or obtain copyrighted content without permission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill metadata says it provides guides for obtaining paid content from platforms like 得到 and 知乎盐选, which can imply bypassing legitimate payment or access controls, but the body describes generic course-selection and learning-tracking features instead. This mismatch is dangerous because it obscures the true behavior and can mislead routing, review, or user expectations, increasing the chance the skill is used for policy-violating or infringing activity under a benign-looking spec.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrases are very broad and resemble common help requests, so the skill may activate for unrelated queries. In the context of a skill already ambiguously framed around paid-content acquisition, overbroad routing increases the risk of accidental invocation and exposure of users to guidance that could facilitate unauthorized access or copyright infringement.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal