Multi-Platform Translation Tool

Security checks across malware telemetry and agentic risk

Overview

The skill is a translator, but it misleadingly says text stays local while its instructions submit text to external translation and chat services.

Review before installing. Treat anything translated with this skill as being sent to external providers and possibly associated with logged-in Doubao or Tencent Yuanbao accounts. Do not use it for secrets, credentials, regulated personal data, confidential contracts, or sensitive business text unless those provider data flows are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

High
Confidence: 99%
Finding
The skill explicitly sends user-provided text to external translation and AI chat services, yet the documentation claims the content stays local and is not uploaded to third-party servers. This is dangerous because users may paste sensitive business, legal, or personal data under a false privacy assumption, causing unintentional disclosure to multiple external providers.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger set includes generic phrases related to translation that can plausibly appear in ordinary conversation, increasing the chance of accidental invocation. While this is not a direct code-execution issue, unintended activation can cause user text to be sent to external services without deliberate intent.

Missing User Warnings

High
Confidence: 98%
Finding
The skill description and notes do not accurately warn that content will be transmitted to third-party translation websites and AI chat systems. In this context, the omission is security-relevant because the skill handles arbitrary user text, which may include confidential or regulated information.

Ssd 3

Medium
Confidence: 99%
Finding
The instruction stating that translated content remains local directly contradicts the operational steps that submit text to external web services and authenticated chat platforms. This misleading assurance can materially increase exposure because users may trust the skill with sensitive content they would otherwise withhold.

VirusTotal

VirusTotal findings are pending for this skill version.
