Xiaozhi Teach Exam Designer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Chinese assessment-design skill with some broad activation phrases, but no evidence of harmful behavior or high-impact access.

Installers should understand that this skill may activate on broad education-related Chinese prompts and steer the agent into a formal assessment workflow. Review or narrow the trigger phrases if you want stricter control, especially when using it alongside other teaching or tutoring skills.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 93% confidence
The trigger phrases are broad enough to match common teacher requests, which can cause the skill to activate in situations where the user did not explicitly intend a formal assessment-design workflow. This creates routing and scope-control risk: the agent may override more appropriate skills, collect unnecessary context, or produce exam-design outputs when the user only wanted lightweight help.

Vague Triggers

Low, 88% confidence
Ambiguous fragment-style triggers like short noun phrases do not clearly encode user intent, making accidental activation more likely. In an agent system, this can degrade reliability and cause the skill to seize control of adjacent tasks such as lesson explanation, generic feedback, or content planning.

Vague Triggers

Medium, 89% confidence
The skill declares broad trigger phrases such as '帮我出一份试卷' ("help me write an exam paper"), '设计一个单元测验' ("design a unit quiz"), and '这份卷子质量如何' ("how good is this exam paper"), and even says it 'must' activate on these requests. In an agent platform, overly broad mandatory triggers can cause misrouting or unintended invocation, which may override more specific skills, process unrelated educational content, or unnecessarily access or propagate assessment-related data across dependent skills.

VirusTotal

61/61 vendors flagged this skill as clean.
