xianyu service ops

Security checks across malware telemetry and agentic risk

Overview

This is a Xianyu seller playbook with no executable code, but it teaches off-platform buyer migration and suggests starting a new account after a ban.

Install only if you are comfortable reviewing and ignoring the parts that steer buyers off Xianyu or suggest restarting after enforcement. Keep any .claude/xianyu-context.md file minimal and avoid storing credentials, personal data, buyer details, or confidential business metrics.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill includes explicit instructions to build a funnel from Xianyu to external platforms and then into WeChat private channels. Even if framed as growth operations, this enables off-platform solicitation and trust-transfer behavior that can violate marketplace rules, reduce platform safeguards, and facilitate harder-to-monitor transactions.

Context-Inappropriate Capability

High
Confidence: 97%
Finding
Advising users to start a new account after a ban provides operational guidance for account reconstitution and ban evasion. This undermines platform enforcement and can be reused by abusive sellers to continue prohibited conduct after penalties.

Missing User Warnings

Medium
Confidence: 81%
Finding
The README instructs users to store account state in a project-local `.claude/xianyu-context.md` file that the skill reads automatically, but it does not warn about storing sensitive business or personal data there. This can lead to unintended persistence and disclosure of marketplace account details, operating plans, pricing strategy, or other sensitive information to the agent and anyone with access to the workspace.

Ssd 4

Medium
Confidence: 91%
Finding
The staged funnel explicitly teaches how to capture traffic on-platform and then shift the relationship to a private channel. This is dangerous because it systematizes circumvention of marketplace controls and can be repurposed for fraud, fee evasion, or transactions outside platform dispute and moderation mechanisms.

Ssd 4

Medium
Confidence: 94%
Finding
The repeated instruction to complete an order and then guide the buyer to WeChat operationalizes a trust-building progression for moving customer interactions off-platform. Repetition across the playbook makes the behavior more likely to be followed and increases the risk of policy evasion at scale.

VirusTotal

58/58 vendors flagged this skill as clean.
