ClawHub

360-power-saver

Security checks across malware telemetry and agentic risk

Overview

This is mostly a disclosed local power and battery diagnostic skill, with admin prompts, temporary files, and optional remote advice that users should understand before use.

Install only if you are comfortable with local system diagnostics, TEMP reports/context files, optional remote power-strategy retrieval, and UAC prompts for powercfg actions. Decline elevation unless you intentionally want the energy report or power-plan change, and clear the TEMP/360-power-saver folder if you do not want diagnostic history retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The skill explicitly forbids suspending, terminating, or freezing processes, yet later advertises '智能后台冻结' as a feature. This contradiction is dangerous because it normalizes potentially disruptive process interference under a safety banner, increasing the chance that an agent or user will authorize harmful system actions inconsistent with the declared boundary.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The skill claims no uploads or personal data collection while also describing cloud-based ML, habit learning, and local persistence of execution results. Even if uploads are not explicit, this creates a misleading trust model around sensitive telemetry-like processing and increases the risk of collecting behavioral or system-usage data without fully informed consent.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to fetch remote content and save it locally as a cloud-derived strategy file. Even with claims that the response is plain text, external content introduces a supply-chain and prompt/content injection surface, especially when the fetched data influences power-management recommendations or subsequent actions.

Description-Behavior Mismatch

High
Confidence
94% confidence
Finding
The script’s behavior is materially inconsistent with the declared skill purpose: a power-saving/battery utility should not contain unrelated filename anonymization logic. This kind of capability mismatch is dangerous because it can mislead reviewers, hide undeclared data-processing behavior, and indicate the skill bundle may include unexpected or improperly governed functionality.

Description-Behavior Mismatch

High
Confidence
95% confidence
Finding
The file's behavior does not align with the declared skill purpose: a power-saving skill contains a filename anonymization routine instead of battery or power-management logic. This kind of capability mismatch is dangerous because it can conceal undeclared data-processing behavior, reduce auditability, and create opportunities for unauthorized handling of user data under a misleading skill label.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The embedded documentation explicitly describes data cleaning and anonymization, which contradicts the enclosing skill's declared power-saving intent. Such contradictory documentation is a security concern because it signals hidden or misplaced functionality, making it harder for reviewers and users to understand what the skill actually does and whether it processes sensitive inputs unexpectedly.

Ssd 3

Medium
Confidence
95% confidence
Finding
The skill requires append-mode logging of execution results into TEMP despite earlier privacy assurances, creating silent local retention of potentially sensitive device and usage diagnostics. Append-mode storage can accumulate historical behavioral data over time, making accidental disclosure or later misuse more likely even if the path is temporary.

Ssd 4

Medium
Confidence
92% confidence
Finding
The document uses strong safety and privacy assurances to build trust, then introduces cloud access, ML habit learning, and local persistence that partially conflict with those assurances. This is dangerous because it can socially engineer reviewers or users into approving actions they would otherwise scrutinize, reducing effective consent and increasing the chance of sensitive handling being overlooked.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal