Xiaozhi Teach Math Lesson Planner

Security checks across malware telemetry and agentic risk

Overview

This appears to be a teaching lesson-planning skill with broad activation wording, but there is no evidence of hidden access, persistence, data theft, or destructive behavior.

Install only if you want generic teaching and lesson-planning prompts to route to this skill. If your environment has multiple education skills, review or narrow its activation phrases to avoid accidental use in unrelated tutoring conversations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrase at line 21 ("教案怎么写") is broad and common in normal teacher conversations, so it can cause the skill to activate in contexts where the user did not explicitly request this specific planner. Over-broad activation can route user input into the wrong workflow, causing unintended tool use, confusion, or inappropriate data/interface handoffs to connected student-analysis components.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase at line 22 ("学员不会做题") is highly ambiguous and could appear in many ordinary tutoring or diagnostic conversations that do not actually call for this skill. Because the skill description indicates mandatory activation on such phrases, this increases the chance of unintended invocation and misclassification of user intent.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill metadata says it 'must activate' for very common teaching phrases such as asking how to explain a concept or write a lesson plan. This creates overbroad routing behavior that can hijack many normal education requests, causing unintended invocation, workflow interference, and possible unnecessary sharing of lesson or student-analysis context with dependent skills.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger table lists broad everyday instructional phrases like '这个概念怎么讲', '教案怎么写', and '学员不会做题' without clear scope boundaries. In a multi-skill environment, these ambiguous triggers can cause accidental activation and priority conflicts, reducing user control and potentially propagating student-related data into downstream integrations when not actually needed.

VirusTotal

64/64 vendors flagged this skill as clean.
