ClawHub
Back to skill

Security audit

TANGSUAN1994

Security checks across malware telemetry and agentic risk

Overview

This skill transparently records document metadata into a fixed WeCom smart sheet, which is expected for its stated knowledge-base purpose but requires care with sensitive links.

Install only if the hardcoded WeCom smart sheet is your intended destination and its sharing settings are appropriate. Avoid submitting confidential or restricted document links unless that knowledge base is authorized to store them, and use a WeCom/MCP account with limited write permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The activation trigger is overly broad because it fires on any mention of “知识库,” which can cause the skill to activate in contexts where the user did not intend to archive content. In this skill, activation leads toward writing summaries and links into a shared enterprise sheet, so mistaken invocation can result in unintended data disclosure or persistence of sensitive document metadata.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill does not clearly warn users that submitted document names, summaries, categories, and original links will be written into a shared enterprise knowledge-base sheet. Because the destination is a persistent shared system, users may provide links or content assuming transient processing, creating a real risk of unauthorized internal sharing, over-retention, or accidental exposure of sensitive business information.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.