Chinese Name Craft

Security checks across malware telemetry and agentic risk

Overview

This skill is a Chinese naming workflow that uses expected birth and naming details and can generate a local Word report, with no evidence of exfiltration or destructive behavior.

Install only if you are comfortable sharing birth date/time and related family naming details with the agent and storing the generated report locally. Before using the Word export, review the generated JSON and prefer installing python-docx yourself instead of allowing an automatic pip install.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The script installs a Python package at runtime via pip when `python-docx` is missing, which introduces network access and code-execution behavior that is not essential to safely formatting a local document. This expands the trust boundary to package indexes and the local Python environment, and can result in execution of unreviewed dependency code or unexpected environment modification without explicit user approval.

Vague Triggers

Medium
Confidence: 76%
Finding
The activation phrases are broad enough that the skill may trigger on many naming- or fortune-related requests without clear boundaries. Over-broad activation increases the chance of unnecessary collection of personal data and invocation of later file/script behaviors in contexts where the user did not specifically request them.

Missing User Warnings

Medium
Confidence: 90%
Finding
The workflow asks for sensitive personal data including surname, sex, date of birth, precise birth time, and preference constraints without an explicit warning or consent language. Birth date/time is sensitive profiling data, and in combination with identity details it raises privacy and misuse risks beyond what users may expect for a naming interaction.

Missing User Warnings

Medium
Confidence: 94%
Finding
The document-generation step instructs the agent to assemble user-derived analysis into JSON, write local files, and execute a Python script, but it does not clearly warn the user that local persistence and code execution will occur. Because the generated report may include sensitive personal and profiling data, silent file creation materially increases privacy and operational risk.

Natural-Language Policy Violations

Medium
Confidence: 94%
Finding
The file presents gender-specific restrictions such as '女忌' as normative guidance without user choice, context, or disclaimer, which can encode and reproduce discriminatory treatment based on gender. In a naming workflow, this can directly influence recommendations given to users and lead to biased outputs that exclude or steer people differently solely because of sex or perceived gender.

Missing User Warnings

Medium
Confidence: 97%
Finding
Automatically invoking `pip install python-docx -q` without warning or confirmation causes silent system changes and may download and execute code from external package sources. In a skill whose purpose is offline document generation, this hidden side effect is more dangerous because users would not reasonably expect network activity or package installation from a formatting helper.

VirusTotal

64/64 vendors flagged this skill as clean.
