kuaidi100-logistics

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it uses Kuaidi100's API for package tracking, carrier detection, shipping cost estimates, and delivery-time estimates, but users should understand that shipment details may be sent to that service.

Install this only if you are comfortable sending package-tracking details, relevant phone numbers, addresses, and route history to Kuaidi100 for lookups. If you set KUAIDI100_API_KEY, treat it like a secret and avoid sharing logs or command output that might include request URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (84% confidence)
Finding
The skill mandates invocation for broad, common logistics-related phrases, which can cause unnecessary external API calls and disclosure of parcel numbers or related personal data without clear necessity. In a conversational agent, overbroad triggers increase privacy risk because users may mention shipment details casually without expecting transmission to a third party.

Missing User Warnings

High (96% confidence)
Finding
The skill processes sensitive logistics data including parcel numbers, phone numbers, and addresses, but does not warn that this information will be transmitted to an external API. This undermines informed consent and creates a meaningful privacy risk, especially since the trigger rules encourage proactive use of the skill.

Missing User Warnings

Medium (83% confidence)
Finding
The file instructs use of an API key from environment variables but gives no handling guidance about preventing disclosure in logs, error messages, or command history. The examples also place the key in URL query parameters, which increases the chance of credential exposure via logs, proxies, and telemetry.

VirusTotal

VirusTotal findings are pending for this skill version.
