ClawHub

Xiaozhi English Listening Trainer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent English-listening tutor skill that personalizes practice with learner profile data, with no executable code or hidden network behavior found.

Install this if you want a personalized listening tutor that can use and update learner vocabulary/profile records. Before use, check the companion DNA/reminder skills for how stored vocabulary, interests, progress reports, reminders, deletion, and opt-out are handled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill mandates activation for essentially any English listening-related scenario, which gives it priority far beyond a narrowly scoped capability. Overly broad routing can cause unintended invocation, unnecessary access to linked profile data such as learning DNA and vocabulary history, and reduced user control over whether personalization or tracking should occur.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad, common tutoring requests that can overlap with ordinary conversation, making false-positive activation likely. In this skill's context, accidental activation is more concerning because the skill is connected to persistent learner-profile systems and may begin personalized generation or data updates without a clearly delimited user request.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill describes real-time storage of new vocabulary, follow-up reminders, and progress reports, but provides no notice, consent flow, retention policy, or ability to opt out. This creates a privacy and data-governance risk because the skill processes persistent educational behavior data across sessions and shares it with dependent systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal