Xiaozhi Teach English Listening Designer

Security checks across malware telemetry and agentic risk

Overview

This is a teaching-design skill for English listening lessons, with no executable code or hidden install behavior; its student-profile references are disclosed and bounded by pseudonymization guidance.

Installers should understand that this skill may be invoked for broad listening-teaching phrases and may produce pseudonymous learner progress profiles for use with related education workflows. Use it where student data handling is appropriate, avoid real names unless your environment permits it, and confirm copyright status before using or storing listening materials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 95%
Finding:
The skill declares it "must activate" for several broad phrases such as '听力怎么教' ("how to teach listening") and '学员听不懂' ("the student can't understand what they hear") without any gating conditions, role checks, or disambiguation. This can cause the skill to trigger in loosely related conversations, leading to workflow hijacking, incorrect routing, and unintended access to connected downstream educational data flows.

Vague Triggers

Medium
Confidence: 94%
Finding:
The '触发时机' ("when to trigger") table uses short, generic phrases as standalone triggers and does not define boundaries for when the skill should not run. In an agent ecosystem, these broad triggers increase accidental invocation risk and may cause the system to prioritize this skill over more appropriate ones, reducing reliability and potentially exposing student-profile related outputs unnecessarily.

VirusTotal

64/64 vendors flagged this skill as clean.
