Toutiao News Collection

Security checks across malware telemetry and agentic risk

Overview

This is mostly a read-only Toutiao data lookup skill, but it contains under-disclosed cross-platform fallback instructions and broad automatic query routing.

Install only if you are comfortable sending Toutiao-related queries and a MaxHub API key to www.aconfig.cn. Review the cross-platform fallback instructions before use, because the skill may attempt undeclared Douyin API paths in some error-handling flows. Avoid using it for bulk profiling, surveillance, or collection of personal data without proper authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding:
The skill is presented as a Toutiao-only assistant, but the instructions include downgrade paths and examples for Douyin and Xiaohongshu. This mismatch can cause the agent to access unintended third-party APIs, expanding scope beyond what users and reviewers expect and increasing the risk of unauthorized data handling or policy violations.

Intent-Code Divergence

Medium
Confidence: 94%
Finding:
The security declaration asserts that all endpoints are legitimate read-only APIs for this skill, yet the document references endpoints for other platforms. This creates a misleading trust signal that may suppress scrutiny while the agent is actually instructed to operate outside the declared scope.

Vague Triggers

Medium
Confidence: 85%
Finding:
The trigger phrases for intent classification are broad terms like 'get', 'info', 'find', and 'show me', which can match ordinary conversation unrelated to Toutiao queries. Overbroad routing increases the chance of unintended API calls and data transmission without sufficiently clear user intent.

Vague Triggers

Medium
Confidence: 88%
Finding:
Generic follow-up phrases such as 'next page', 'analyze', or 'compare with X' can reactivate prior query context too loosely. This weak scope control can lead to unintended continuation of external lookups or analysis on stale or misunderstood targets.

Missing User Warnings

Medium
Confidence: 82%
Finding:
The file documents APIs for retrieving comments, user IDs, and user information without any privacy, authorization, retention, or acceptable-use guidance. In a skill centered on social-platform data lookup, that omission materially increases the risk of bulk profiling, scraping, or misuse of personal data by downstream users or agents.

VirusTotal

VirusTotal findings are pending for this skill version.