Security audit

医疗大健康采招雷达-医疗招标采购网 (Medical and Healthcare Procurement Bidding Radar - Medical Tender and Procurement Network)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only procurement research skill that uses an external bid-intelligence API, with privacy and scope cautions around broad queries and contact lookup.

Install only if you trust the Zhiliaobiaoxun service with your procurement searches and API key. Use a limited API key, avoid submitting confidential strategy unless acceptable under that provider's terms, confirm ambiguous company matches before subsidiary-wide analysis, and treat returned contact details as sensitive business or personal information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (9)

Description-Behavior Mismatch

Medium severity, 91% confidence
Finding
The documented API surface materially exceeds the skill's stated purpose of hospital procurement radar analysis by exposing broad company intelligence functions across arbitrary enterprises. This scope expansion increases the chance of collecting or inferring non-essential business intelligence and enables use cases unrelated to the declared medical procurement context, undermining least-privilege expectations.

Context-Inappropriate Capability

Medium severity, 95% confidence
Finding
The contact lookup endpoint exposes project contact details such as names and phone numbers, which are sensitive personal/business data and not necessary for the stated goal of identifying hospital purchasers and top suppliers. In a procurement-analysis skill, this creates a clear risk of privacy leakage, targeted outreach, social engineering, or downstream misuse of contact information.

Context-Inappropriate Capability

Medium severity, 88% confidence
Finding
Competitor analysis goes beyond retrospective hospital supplier mapping and enables broader commercial intelligence about bidding overlap, contested customers, and strategic regions. That is misaligned with the declared skill purpose and can be repurposed for market surveillance or anti-competitive intelligence gathering outside the intended medical procurement radar workflow.

Context-Inappropriate Capability

Medium severity, 89% confidence
Finding
Potential bidder recommendation is an active market-shaping capability, not merely observation of historical hospital procurement relationships. In this context it can be used to steer supplier selection, profile likely bidders, or facilitate procurement targeting beyond the stated purpose of analyzing hospital top-supplier systems.

Description-Behavior Mismatch

Medium severity, 91% confidence
Finding
The documented APIs expose broad bid-market intelligence capabilities across arbitrary industries, brands, suppliers, geographies, and pricing, while the skill is described as a hospital-focused medical bid radar. This scope expansion can enable out-of-scope data extraction and competitive intelligence use beyond the declared purpose, weakening least-privilege boundaries and increasing the chance of unauthorized or policy-violating analysis.

Vague Triggers

Medium severity, 85% confidence
Finding
The trigger terms are very broad (e.g., hospital, medical, health, physical exam), so the skill may activate for everyday health or clinical queries that are unrelated to procurement intelligence. That can cause unintended calls to a business-intelligence API, leaking user query content to a third party and producing irrelevant or privacy-invasive results in a medical context.

Missing User Warnings

Medium severity, 92% confidence
Finding
The skill exposes a contact-retrieval capability (`get_company_contacts`) but does not warn that it may access and process potentially sensitive personal information such as names and business contact details. In a hospital/medical procurement setting, this raises privacy and compliance risk because users may unknowingly retrieve or redistribute personal data without necessity or consent awareness.

Missing User Warnings

Medium severity, 90% confidence
Finding
The documentation instructs the system to automatically expand a shorthand company query to all semantically matched headquarters and subsidiaries without user confirmation. This can silently broaden the target set, causing over-collection, mistaken attribution, and analysis of entities the user did not intend to investigate.

Missing User Warnings

Medium severity, 96% confidence
Finding
The documentation exposes project-contact retrieval without any warning that contact information is sensitive and should be handled carefully. Absent such constraints, users or downstream agents may treat phone numbers and named contacts as normal output, increasing the risk of privacy violations, harassment, or social-engineering abuse.

VirusTotal

64/64 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.