ClawHub

算卦(小六壬 · 大六壬 · 六爻 · 梅花易数)

Security checks across malware telemetry and agentic risk

Overview

This divination skill is coherent and disclosed, with the main user considerations being optional city geocoding, local caching, and broad trigger words.

Install only if you are comfortable with a divination tool that may send unknown city names to Open-Meteo and cache resolved city coordinates locally. For maximum privacy, use the explicit longitude option or known built-in cities, and treat any outputs as entertainment or cultural reference rather than advice for medical, legal, financial, or other major decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill is presented as a local divination/calculation utility, but this code adds undeclared external geocoding and writes a persistent local cache. That creates privacy and trust issues because user-supplied location data may leave the system and be stored on disk even when the user likely expects an offline calculation workflow.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
This function sends user-provided city names to an external geocoding API, expanding the skill's capability beyond pure local divination logic. Even if used to improve true-solar-time calculations, the external call introduces data exfiltration, third-party dependency, and availability risks that are not clearly constrained by the stated purpose.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes very broad everyday Chinese terms such as '算', '算算', and '预测', which can appear in many non-divination contexts. In an agent environment, this raises the chance of unintended skill activation, causing the agent to route unrelated user requests into this skill and potentially perform unexpected network calls or misleading fortune-telling behavior.

Vague Triggers

Low
Confidence
78% confidence
Finding
The architecture example uses the phrase '帮我算个事', which is conversationally vague and can overlap with ordinary requests about calculation, planning, or advice. If implementers mirror this example as a trigger boundary, the skill may activate on ambiguous language and produce irrelevant or confusing outputs.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
At this call site, user input is passed into external geocoding without any warning or consent prompt. A user asking a divination question may not expect their location string to be transmitted to a third party, so this is a privacy vulnerability caused by insufficient transparency and consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal