
Security audit

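卖家之家 (cross-border e-commerce) platform all-in-one service assistant (service providers, logistics, service products, skill marketplace, product catalogs, news, Q&A, supply and demand, private messages, global store opening, events)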

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate MJZJ platform assistant, but it gives an agent account-level power to publish, message, upload, refresh, and delete without clear built-in confirmation safeguards.

Install only if you intend to let the agent use your MJZJ account through MJZJ_API_KEY. Before any publish, upload, private message, refresh, or delete action, require the agent to show the exact target, content, and consequence and wait for explicit approval; rotate or revoke the API key when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium, 92% confidence
Finding
The skill explicitly enables sending private messages to third-party service providers by reusing a returned userSlug, but it does not require an explicit user confirmation step immediately before dispatching the message. This creates a risk of unintended outbound communication, spam, or disclosure of user-provided content to external parties, especially because messaging is an authenticated action tied to the user's account.

Missing User Warnings

Medium, 95% confidence
Finding
The skill exposes a destructive delete operation for supply/demand entries and marks only the required id parameter, without requiring a warning, confirmation, or safer preview/list-then-delete workflow. An agent following this spec could delete user data immediately if prompted ambiguously or maliciously, causing irreversible loss of marketplace postings under the authenticated account.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.