kuaidihelp-skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate courier helper, but it should be reviewed because it handles full shipping personal data, echoes request payloads to output, and can cancel orders.

Review before installing. Use it only if you are comfortable sending shipment details to Kuaidihelp, avoid unnecessary notes or images, and require explicit confirmation before order creation or cancellation. Be aware that the current script may print sensitive request data into logs or terminal output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs the agent to collect and transmit highly sensitive personal data for shipment creation, including full names, phone numbers, and detailed street addresses, but provides no privacy notice, minimization guidance, or user-consent step before sending this data to an external courier API. In an agent setting, this increases the risk of unnecessary disclosure, over-collection, and mishandling of personal data, especially because the workflow normalizes sending complete PII to a third-party service.

Missing User Warnings

Low
Confidence: 85%
Finding
The logistics-query flow asks for waybill numbers and, for some carriers, the last four digits of a phone number, but does not warn users that this information may be disclosed to an external tracking service. While the data scope is narrower than order creation, it still involves personal or linkable information that could be exposed without informed user consent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The code prints the full request payload, which can include names, addresses, phone numbers, shipment details, and authentication metadata, before sending it to the remote API. In a CLI or agent environment, stdout is often captured in logs, creating unintended disclosure of sensitive personal and operational data beyond the intended API transmission.

VirusTotal

67/67 vendors flagged this skill as clean.
