ClawHub

Baidu Netdisk Resource Saver

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent with its purpose, but it can search third-party links and modify a logged-in Baidu Netdisk account without clear final consent boundaries.

Install only if you are comfortable letting an agent use a logged-in Baidu Netdisk session or authenticated `bdpan` CLI. Before use, instruct it to stop after finding links and ask you to approve the exact file, source link, and target folder before any save or transfer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are broad enough to activate on ordinary requests such as 'search for [x]' or 'save to netdisk,' causing the agent to invoke web search, browser automation, and account-affecting transfer actions without sufficiently precise user intent. In this skill's context, over-triggering is more dangerous because it can lead to unintended searches for pirated content and unauthorized changes to a user's Baidu Netdisk account.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger section lacks scope boundaries and mixes generic search intents with high-impact actions like saving or transferring files into the user's account. Because the workflow includes browser automation and CLI commands that can modify account contents, ambiguous activation increases the risk of unintended execution, privacy exposure, and policy-violating content acquisition.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill omits warnings that it may use authenticated browser sessions or bdpan CLI state to access and modify the user's Baidu Netdisk, exposing account data and performing persistent actions. In this context, the omission is especially risky because the skill searches for third-party share links and then saves content into the user's storage, which has both privacy and legal/account-abuse implications.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documented browser flow explicitly clicks Baidu Netdisk's '保存到网盘' action, which modifies the user's cloud storage, but it provides no requirement for explicit user confirmation, no warning that state will be changed, and no guardrails on destination selection. In this skill's context, the whole purpose is to search for content and transfer it into the user's Netdisk automatically, so omission of consent and safety checks materially increases the risk of unauthorized or unexpected writes to the user's account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal