ClawHub
Back to skill

Security audit

悟空邀请码监控

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a real invite-code monitor, but it installs recurring cron jobs with weak safeguards and replacement-prone crontab instructions.

Review the cron commands before installing. Preserve your existing crontab, expect recurring network checks and local log/state files, and remove the wukong cron lines when you no longer want the monitor running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document instructs users to configure automatic Feishu push notifications that send monitored invitation-code content outbound, but it does not clearly warn that discovered content and timestamps will be transmitted to an external service. In a monitoring skill, silent or insufficiently disclosed outbound transmission creates a privacy and data-governance risk, especially if users assume the tool is local-only or 'zero token' implies no external sharing.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to append a cron entry and install it with `crontab`, creating persistent scheduled execution and recurring notifications. While this appears to be part of the advertised functionality, it is still security-relevant because it modifies the user's scheduled tasks and can generate ongoing outbound activity without clearly warning about persistence, frequency, or notification destinations.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script persistently modifies the user's crontab without any confirmation, dry-run mode, or rollback guidance. Because this establishes recurring execution, it changes system behavior beyond the current session and can surprise users or create unintended persistence, especially in an agent skill context where setup scripts may be run with limited scrutiny.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal