ClawHub

携程积分助手

Security checks across malware telemetry and agentic risk

Overview

This appears to be a simple local Ctrip points tracker, though its documentation overstates automation and should explain cookie sensitivity more clearly.

Safe to use for manual local tracking. Before adding any Ctrip cookie file, treat it like an account password and keep it private. Also verify any claimed cron or Feishu setup yourself, because the included package does not implement or install that automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation examples include broad, natural-language phrases such as asking to view products or get recommendations, which can overlap with ordinary conversation and increase the chance of accidental skill activation. Because this skill can read stored account-related data and trigger follow-on actions, unintended invocation could expose private information or perform actions the user did not mean to request.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly stores a Cookie in a local file and supports account data updates, but the documentation does not clearly warn that the Cookie is an authentication artifact that may grant account access if stolen. Users may paste sensitive session data without understanding retention, file permissions, reuse risk, or whether the cookie is sent to third parties during updates.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill advertises automatic daily monitoring and Feishu push notifications without clearly warning users that background activity will continue after setup and may disclose shopping interests, account-related information, or item alerts to an external messaging platform. Ongoing unattended execution increases the privacy risk because users may not realize when checks run, what data is sent, or who can access the notifications.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal