Xiaozhi Teach Physics Lesson Planner

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Chinese physics lesson-planning skill whose behavior is disclosed and teaching-focused, with practical safety and student-data caveats.

Install only if you want a Chinese-language physics teaching assistant. Review any experiment suggestions against your school safety rules before use, and avoid storing identifiable student data unless you have permission and a clear retention plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium, 90% confidence
Finding
The trigger phrases are broad, natural-language teaching queries that are likely to appear in ordinary conversation, so the skill may activate unintentionally outside a clearly scoped invocation. This can cause routing errors, unwanted context switching, or inappropriate takeover of the assistant response, though it does not directly enable code execution or data exfiltration.

Natural-Language Policy Violations

Medium, 79% confidence
Finding
The skill content is written as Chinese-only and does not specify language negotiation or fallback behavior, which can cause the assistant to respond in an unexpected language or ignore user language preference. This is primarily a usability and policy-compliance issue that may degrade trust or cause miscommunication, rather than a direct security compromise.

Vague Triggers

Medium, 88% confidence
Finding
The skill declares it 'must activate' for several generic classroom phrases such as asking how to teach a physics concept or write a lesson plan. These triggers are broad enough to match ordinary pedagogical discussion, which can cause unintended invocation, context hijacking, and unnecessary access to connected downstream skills or student-analysis workflows.

Vague Triggers

Medium, 84% confidence
Finding
The trigger table enumerates short, high-frequency utterances without scope boundaries, exclusions, or disambiguation rules. In practice this increases accidental activation during normal teaching conversations, which may misroute user requests, override more appropriate skills, or propagate irrelevant data into linked systems.

Missing User Warnings

Medium, 89% confidence
Finding
The template includes classroom experiment guidance and a general safety section, but the cited hazardous-experiment guidance is too generic to warn about concrete risks, required controls, or examples of what counts as high risk. In an education-facing skill, vague safety language can lead teachers to select or adapt demonstrations without adequate precautions, increasing the chance of preventable injury.

Missing User Warnings

Medium, 95% confidence
Finding
The electrical experiment examples describe batteries, bulbs, switches, meters, and circuit assembly but omit concrete warnings about short circuits, incorrect meter wiring, overheating, battery misuse, and teacher supervision. Because this skill is a lesson-planning aid, users may treat the examples as ready-to-run instructions, making the lack of electrical safety guidance materially risky.

VirusTotal

64/64 vendors flagged this skill as clean.