ClawHub

Chinese-Encoding-Handler

Security checks across malware telemetry and agentic risk

Overview

The skill has a plausible encoding-help purpose, but the package tells users to run missing PowerShell scripts that would write files and permanently change shell settings.

Review before installing. Do not run replacement PowerShell scripts from another source just because these docs reference them. If the publisher supplies the missing scripts, inspect them first, back up files before using write or batch-conversion examples, and prefer -Check or non-permanent terminal settings before any -Permanent profile change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README instructs users to run a command that can permanently modify the PowerShell profile via the -Permanent option, but it does not present a prominent warning about persistence, scope, or rollback before the example. Persistent profile changes affect future shell sessions and, in an agent/automation context, normalize behavior that alters a user's environment in a lasting way, which can be risky if copied blindly.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill includes examples for writing files and making permanent terminal changes, but it does not clearly warn that these actions can overwrite existing files or modify persistent system configuration. In an agent-executed context, unclear safety boundaries can lead to unintended data loss or system changes even if the feature itself is legitimate.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal