Security audit

UAPI Answer Book API

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only helper for a public random “Answer Book” API, with a real but limited risk of accidental activation because it uses a broad “ask” trigger.

Install this only if you want a random Answer Book API helper. Use it for explicit Answer Book/UAPI requests, avoid putting private information in the question sent to uapis.cn, and provide only a UAPI-specific key if quota limits require one.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger keyword list includes the generic English term "ask," which is common in everyday prompts and can cause this skill to be selected for unrelated user requests. That increases the chance of unintended API invocation, misrouting, and confusing or privacy-impacting behavior if user input is sent to the endpoint when the user did not intend to use this skill.

Vague Triggers

Medium
Confidence: 92%
Finding
The manifest enables implicit invocation with no visible trigger constraints, so the skill may be selected in situations broader than intended. For a skill that directly calls an external API endpoint, ambiguous activation increases the chance of unintended external requests, parameter misuse, or invocation in the wrong user context.

Vague Triggers

Medium
Confidence: 93%
Finding
The English trigger keyword "ask" is extremely generic and can match a wide range of unrelated user requests, causing the agent to select this skill when the user did not intend to use the Answer Book endpoint. In a routing or tool-selection context, overly broad triggers can lead to incorrect API calls, privacy mistakes, or bypass of more appropriate skills with stricter validation.

VirusTotal

66/66 vendors flagged this skill as clean.