ClawHub

한국 자동차/보험 가이드

Security checks across malware telemetry and agentic risk

Overview

This is a Korean car and insurance information skill with scoped lookup guidance and no evidence of hidden, destructive, persistent, or data-stealing behavior.

Reasonable to install for Korean car tax, auto-insurance, used-car, and traffic-fine guidance. Grant only the search/law connectors you actually need, verify any separate law-search helper before allowing it to run, and avoid entering unnecessary personal identifiers such as plate numbers, policy numbers, claim IDs, phone numbers, or names.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list for the insurance quote intent includes broad everyday phrases such as asking how much insurance costs, which can easily match casual conversation outside a clearly scoped insurance workflow. This can cause unintended invocation, leading the agent to collect personal profile data or provide regulated financial/insurance guidance when the user did not explicitly ask for this skill.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The insurance-claim intent contains highly generic phrases like '사고 났어' and '사고 처리', which are ambiguous and may refer to medical, workplace, travel, or non-automotive incidents. In a safety-sensitive context, misrouting a user into a car-insurance workflow can produce incorrect procedural advice during an urgent situation and cause omission of needed emergency or legal guidance.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Recommendation-style triggers like '보험 추천' or '어디가 싸?' are vague and overlap with ordinary conversation about many kinds of insurance or general shopping advice. That increases unintended activation and may result in misleading comparative guidance in a regulated product area without enough context about insurance type, user eligibility, or disclosure boundaries.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal