Xiaozhi Teach Math Error Analyzer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a math education analysis skill with broad activation wording, but there is no evidence of hidden execution, persistence, exfiltration, or unsafe authority.

Install only if you want teacher-facing math error analysis. Avoid providing unnecessary personally identifying student details, and confirm that broad teaching prompts should use this diagnostic workflow before relying on its recommendations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 81%
Finding
The trigger phrases are broad classroom-language prompts without explicit scope limits, so the skill may activate on loosely related teacher requests and steer the agent into this workflow when the user did not clearly intend it. In an educational analysis skill this is not directly code-execution dangerous, but it can cause misrouting, over-collection of student performance data, and inappropriate or low-precision pedagogical recommendations.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill metadata says the skill 'must be activated' for several very common teaching phrases, but it does not define gating conditions, exclusions, or required context. In an agent platform, this can cause unintended routing, over-collection of student performance data, or invocation in conversations where the user did not actually request structured analysis, increasing privacy and workflow-integrity risk.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger examples enumerate broad utterances like '哪个知识点没掌握' and '下次课讲什么' without clarifying when the skill should not activate or when a different planning/analytics skill is more appropriate. This ambiguity increases the chance of mis-triggering, cross-skill confusion, and unnecessary analysis of sensitive educational records.

VirusTotal

64/64 vendors flagged this skill as clean.
