Industrial Park Investment Assistant

Security checks across malware telemetry and agentic risk

Overview

This sales-assistant skill is coherent and not malware-like, but it needs review because it handles customer profiles and business-sensitive sales data without clear privacy or access-control safeguards.

Install only if your team can restrict the linked Tencent Docs or local knowledge files to approved business data, avoid adding unnecessary personal information, and store customer profiles only in governed CRM or knowledge-base systems with role-based access, retention, and deletion controls. Treat generated customer emails, pricing, concessions, and competitor comparisons as drafts that require human review and manager approval where money or commitments are involved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
89% confidence
Finding
The skill explicitly says it can be used 'like chat' and that no special command is needed, which weakens invocation boundaries and increases the chance the skill activates during ordinary conversation. In a business workflow assistant that can generate customer-facing sales guidance and competitor-comparison talking points, accidental activation can lead to unintended data retrieval, misleading outputs, or inappropriate use in contexts the user did not intend.

Vague Triggers

Medium
84% confidence
Finding
The listed trigger scenarios are broad, natural-language business requests that overlap with normal conversation, without clear constraints on when the skill should engage. Because the skill handles potentially sensitive operational content such as customer research, pricing context, and competitor positioning, broad triggers raise the risk of overreach, unintended processing, and disclosure from loosely related prompts.

Missing User Warnings

Medium
90% confidence
Finding
The SOP instructs staff to collect and record company names, contacts, phone numbers, and customer profile details, but provides no privacy notice, lawful-basis guidance, minimization rules, access controls, or retention limits. In a sales/investment-attraction workflow, this creates a realistic risk of over-collection, unauthorized sharing, or persistent storage of personal and business-sensitive information in ways that may violate privacy obligations or expose customer data.

Missing User Warnings

Medium
94% confidence
Finding
Directing users to store finalized customer profiles in a knowledge base or CRM without safeguards is risky because these systems may be broadly searchable, reused by the agent, or accessible beyond the deal team. Given this skill is explicitly designed to centralize customer research, follow-up, and negotiation support, the absence of sensitivity warnings and retention controls increases the chance of long-term exposure of contact data, business plans, budgets, and decision-chain information.

VirusTotal

64/64 vendors flagged this skill as clean.