ClawHub

旅游行李清单

Security checks across malware telemetry and agentic risk

Overview

The skill's travel-packing function is legitimate, but it gives conflicting privacy claims while sending destination weather lookups through a hardcoded external proxy.

Install only if you are comfortable with destination city queries being sent to a third-party Gaode proxy for weather lookup. Prefer the quick mode for local-only packing suggestions, and treat the local-only privacy statement as unreliable until the publisher corrects the documentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill documentation indicates network use via a proxy service and the Gaode weather API, yet no corresponding permission or capability disclosure is declared. This creates a transparency and review gap: users and platform reviewers may assume the skill operates locally while it actually transmits user-supplied destination/travel context externally.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The file contains contradictory statements: one section says user input flows to a proxy service and Gaode weather API, while another claims all data is local and no external requests are sent. This is dangerous because it misrepresents data handling, preventing informed consent and undermining security review of third-party data exposure.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
Claiming the skill is purely local and does not collect user data is inaccurate when destination and trip details are documented as being sent to an external proxy/API. Even if the data is not permanently stored, transmission to external services is still data sharing and can expose travel plans or location-related personal information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The markdown denies external requests despite earlier stating that destination/weather data is sent to a proxy and Amap Weather API, and it provides no clear privacy warning. Users may reveal sensitive itinerary information under false assumptions about local-only processing, increasing privacy and compliance risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user-provided destination data to an external third-party proxy service without any user disclosure, consent flow, or trust boundary documentation. Even though the data is not highly sensitive by itself, travel destinations can reveal location plans and habits, and the hardcoded proxy adds supply-chain and privacy risk because all requests depend on an unaudited intermediary.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal