ClawHub

OpenClaw 全岗位技能解释器

Security checks across malware telemetry and agentic risk

Overview

This skill is mainly a Chinese glossary for OpenClaw skills, but it asks to route users into installing other skills without enough scoping or security disclosure.

Treat this as an unverified translation and routing aid, not proof that listed skills are safe. Before installing any skill it recommends, require the exact skill name or slug, publisher, version, permissions, review status, and a separate explicit yes/no approval for installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The document makes blanket trust claims such as '仅收录已验证安全技能' and '无风险无后门' while listing multiple clearly dual-use or security-sensitive capabilities like proxy management, automatic updating, multi-agent orchestration, code analysis, malware scanning, and auto-remediation. Absolute safety assertions can mislead users and downstream systems into lowering scrutiny, which increases the chance that risky capabilities are enabled without proper review or controls.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill advertises invocation through very broad, everyday requests like wanting a tool to make PPTs or scrape web data. This can cause accidental triggering during normal conversation and lead users into a workflow that selects and installs another skill without a clearly bounded intent check, increasing the chance of unintended system changes.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description says the system will automatically install a matched skill after user confirmation, but it does not clearly present installation as a security-sensitive, system-changing action. In context, this skill is a discovery-and-installation bridge to other skills, so weak disclosure or ambiguous confirmation could lead users to approve installation without understanding the trust and execution implications.

Missing User Warnings

Medium
Confidence
76% confidence
Finding
These entries describe privacy-impacting functions such as meeting recording/transcription, email automation, calendar synchronization, and note synchronization, all of which may access sensitive personal or organizational data. Presenting them without explicit consent, data handling, retention, and permission warnings can normalize invasive behavior and cause users to underestimate privacy and system risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal