Reddit Community Data Collection

Security checks across malware telemetry and agentic risk

Overview

This Reddit data skill mostly matches its stated purpose, but its instructions include automatic fallback guidance to unrelated Douyin/Xiaohongshu APIs and should be reviewed before use.

Install only if you trust MaxHub/aconfig.cn with your API key and the Reddit queries you submit. Review or remove the non-Reddit Douyin/Xiaohongshu fallback instructions before relying on autonomous execution, and avoid sending sensitive identifiers or private investigation terms unless you are comfortable sharing them with the external API provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

Severity: Medium
Confidence: 97%
Finding:
The skill is labeled and described as a Reddit-only data assistant, but this section embeds Douyin-specific pathing and endpoint guidance. That mismatch can cause the agent to call unrelated APIs or follow the wrong documentation branch, creating incorrect external requests and potentially sending user-supplied query data to unintended services or endpoints.

Intent-Code Divergence

Severity: Medium
Confidence: 96%
Finding:
The 404 handling guidance uses Xiaohongshu-specific path examples inside a Reddit skill, which can misdirect recovery logic after failures. In practice, agents often trust these repair instructions, so a benign Reddit query could be transformed into a request against the wrong product family, increasing the chance of unintended data transmission and erroneous behavior.

Intent-Code Divergence

Severity: High
Confidence: 99%
Finding:
The downgrade table instructs fallback from failures to unrelated Douyin APIs, directly contradicting the Reddit skill purpose. Automatic fallback logic is high risk because it can silently redirect requests to different API families, causing unauthorized or unintended network activity and making auditability much harder.

Vague Triggers

Severity: Medium
Confidence: 80%
Finding:
Defaulting uncertain intent to 'Post Data' can trigger the wrong capability and make network requests the user did not clearly intend. While not inherently malicious, ambiguity in routing increases the chance of over-collection, wrong queries, and confusing results, especially in an agent that executes autonomously.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The skill explicitly authorizes autonomous multi-query execution and parallel API calls, but it does not clearly warn users that their prompts may be transmitted externally as part of those calls. This creates a privacy and consent risk, particularly if users include sensitive search terms, usernames, or investigative targets in natural language requests.

Missing User Warnings

Severity: Low
Confidence: 89%
Finding:
The document explicitly instructs use of an Authorization bearer token but provides no guidance on safe handling, redaction, storage, or sharing restrictions. In an agent skill context, this can lead users or downstream agents to expose API keys in logs, prompts, screenshots, or error messages, causing credential leakage even though the file does not directly exfiltrate the token.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The documentation tells users to call an external service at aconfig.cn with a bearer API key, but does not warn that usernames, post identifiers, and comment-reply cursor data are transmitted to a third party. In a data-query skill, that omission can mislead operators into sending user-related queries off-platform without informed consent, creating privacy, compliance, and credential-handling risk.

VirusTotal

VirusTotal findings are pending for this skill version.