ClawHub

Xiaozhi Teach Chinese Classical Guide

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be an educational classical-poetry teaching aid, but it may persist student learning profiles through another skill without clear consent or retention controls.

Review this skill before installing if it will be used with real students. Only use it where teachers or guardians understand what learner data may be stored, where it is sent, and how it can be deleted or avoided; prefer a no-storage mode or pseudonymous student identifiers until the skill documents consent and retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill metadata says it 'must activate' for broad phrases like '古诗怎么上' and '诗词鉴赏', which are common teaching topics and not narrowly scoped to this exact workflow. Overbroad mandatory activation can cause inappropriate routing, suppress user choice, and trigger downstream data-handling behaviors in contexts where the user only wanted general advice.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger section enumerates many broad activation scenarios but does not define clear boundaries, opt-in conditions, or negative examples. In an agent environment, this increases the chance of accidental invocation and unintended collection or propagation of classroom/student context to linked skills.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow includes writing back a '古文积累档案' to student-analyzer, but the skill does not present a clear user-facing notice about persistence, retention, or consent before storing learner performance data. Because this involves student profiling and cross-skill sharing, silent persistence can create privacy and compliance risks, especially for minors.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal