Xiaozhi Chinese Material Library

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed student writing-material library skill with no executable code, but users should be aware it is designed to retain and reuse student writing materials and usage history.

Install only if you are comfortable with the agent maintaining a long-term library of student writing materials and usage history. For students or minors, prefer explicit opt-in before saving, confirm ambiguous save requests, and periodically review or delete stored materials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The skill repeatedly says it 'must' be activated for broad categories like 素材积累、好句收藏、写作备料, which creates an overbroad activation boundary. In an agent environment, this can cause unnecessary invocation on loosely related student conversations, increasing unintended data collection and reducing user control over when persistent storage and tracking features are engaged.

Vague Triggers

Medium
Confidence: 95%
Finding
Trigger phrases such as '记一下这个' and '好,记下来' are common conversational expressions and are likely to appear during normal tutoring dialogue without intent to invoke a persistent material library. This makes accidental activation plausible, which is especially risky here because the skill stores student content, assigns tags, and may later use that data for proactive recommendations and reports.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill advertises storage, proactive pushing, usage tracking, and monthly reporting of student writing materials, but it does not present a clear retention notice, consent flow, or explanation of profiling effects. Because the content concerns students, persistent collection of quotations, self-written sentences, and usage patterns raises privacy and behavioral profiling risks even if the educational purpose is benign.

VirusTotal

55/55 vendors flagged this skill as clean.
