
Security audit

光通信投资分析框架 (Optical Communications Investment Analysis Framework)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed investment-analysis knowledge pack with an optional update workflow. Users should run updates deliberately, because the update workflow can use a logged-in browser and edit local reference notes.

Install if you want this optical-communications investment framework. Use update mode only when you explicitly intend to refresh its knowledge, avoid using a sensitive shared browser profile if possible, and review any appended reference-file changes afterward.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence: 91%
Finding: The skill states that self-iteration only runs when explicitly triggered by the user, but elsewhere introduces periodic checking, creating conflicting execution boundaries. In an agent setting, this ambiguity can cause unintended autonomous browsing and knowledge updates, especially when browser access and a logged-in profile are available.

Vague Triggers

Medium
Confidence: 88%
Finding: The description presents one set of activation conditions, while later sections describe different trigger behavior and scheduled checks. This inconsistency makes it hard for the agent to reliably distinguish passive analysis from state-changing update actions, increasing the chance of unintended tool use.

Vague Triggers

Medium
Confidence: 88%
Finding: The description presents one set of activation conditions, while later sections describe different trigger behavior and scheduled checks. This inconsistency makes it hard for the agent to reliably distinguish passive analysis from state-changing update actions, increasing the chance of unintended tool use.

Vague Triggers

Medium
Confidence: 94%
Finding: Scheduled checking is described as a regular activity without a clear, current-user authorization requirement. In a tool-enabled agent, that can normalize autonomous polling behavior and lead to recurring external site access and local knowledge-base changes outside the user's immediate intent.

Missing User Warnings

Medium
Confidence: 95%
Finding: This section instructs the agent to use a browser with a logged-in user profile to access Xueqiu and then modify local reference files, but it does not require a just-in-time warning or confirmation at the point of execution. Because it combines authenticated browsing with persistent file edits, accidental or overly broad invocation could expose account context, access more data than intended, or silently alter the skill's knowledge base.

VirusTotal

64/64 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.