Xiaozhi Math Problem Solving Coach

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language math tutoring workflow with disclosed personalization and no executable code, credential handling, or destructive behavior.

Install this if you want a Chinese math coach that asks guiding questions instead of giving direct answers. Review the learning DNA and math error DNA dependencies first, because the skill is designed to store or reuse problem history, weak points, and exam-related study context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill declares that it must be activated for essentially any math-related interaction, including broad categories like problem solving, error analysis, concept questions, and exam review. This can cause over-invocation, where the agent routes ordinary or low-risk math conversations into a rigid workflow, potentially suppressing user intent, conflicting with other skills, and expanding access to dependent skills and user learning data more often than necessary.

Vague Triggers

Medium
Confidence: 88%
Finding
Several trigger phrases are generic help requests such as '帮我做这道题' ("help me do this problem") or '帮我看看这道题' ("help me take a look at this problem"), which are common and ambiguous without stronger math-specific validation. If the platform uses phrase-based matching, these broad triggers can capture unintended conversations, leading to incorrect routing, unnecessary processing of uploaded content, and unexpected sharing with linked skills like learning DNA or error DNA systems.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger conditions are broad enough to activate the skill on generic help-seeking phrases such as '我卡在哪里了' ("where am I stuck") or '帮我看看这道题' ("help me take a look at this problem"), which can cause the agent to route many loosely related interactions into this workflow. In an agent system, overbroad activation is a policy and control weakness because it can suppress more appropriate skills, create unintended data collection or state persistence, and reduce the reliability of user intent handling.

Vague Triggers

Medium
Confidence: 91%
Finding
The documented entry conditions use ambiguous trigger phrases without strong scope constraints, so ordinary support requests may be misclassified as math-coaching sessions. Because this state machine also records problem details and student progress for pause/resume and archival, accidental invocation can lead to unnecessary retention of user content and incorrect conversational steering.

VirusTotal

64/64 vendors flagged this skill as clean.
