ClawHub

Parcel Coupon 快递优惠券-支持顺丰、中通、圆通、韵达、申通、菜鸟、同城配送,件件优惠

Security checks across malware telemetry and agentic risk

Overview

This skill mostly acts like a parcel-coupon fetcher, but a bundled reference document describes a different takeout-coupon service and the skill steers users toward raw third-party links and QR codes.

Review before installing. The core script appears limited to fetching parcel coupons, but the bundled documentation mismatch could cause an agent to use or explain the wrong coupon service. Treat returned coupon links and QR codes as third-party content, inspect domains where possible, and prefer a corrected version with consistent docs and clear destination validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The documentation and endpoint clearly describe a takeout-coupon API, while the skill metadata claims the skill retrieves parcel/shipping coupons. This is a material capability mismatch that can mislead users, downstream agents, and reviewers about what external service is being called and what data or links are being returned. In a security context, such misrepresentation increases phishing, trust-boundary, and policy-bypass risk because users may interact with unexpected third-party coupon links or QR codes under a false pretense.

Natural-Language Policy Violations

Medium
Confidence
83% confidence
Finding
The skill repeatedly instructs users to open the returned coupon link or QR code in WeChat, while also requiring the URL to be shown exactly as returned by an unauthenticated external API. This creates a social-engineering and trust-boundary risk: users are nudged into a specific external app flow where malicious, swapped, or compromised links/QR targets could be harder to inspect and could facilitate phishing, tracking, or unwanted redirection.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal