UpKuaJing customs trade company search: access real global customs data and trade records to find active buyers, verify suppliers, and track competitors. UpKuaJing helps foreign trade teams discover verified import/export companies, analyze shipment flows, and convert trade intelligence into high-intent B2B leads.

Security checks across malware telemetry and agentic risk

Overview

This is a coherent paid UpKuaJing trade-data API skill, with disclosed credential, billing, and contact-data handling that users should treat carefully.

Install only if you are comfortable using a paid UpKuaJing API key with this skill. Do not paste or display the key in chat, keep ~/.upkuajing/.env private, review current pricing before searches or contact-detail batches, and require explicit confirmation before any paid call or recharge flow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding
The skill is presented as a company/trade search tool, but it also includes API key issuance and account-management flows. Expanding into identity and account provisioning increases the attack surface and may let a search-oriented skill trigger privileged actions unrelated to the user’s original request.

Context-Inappropriate Capability

Severity: Medium
Confidence: 97%
Finding
The skill instructs the agent to read and persist API credentials in ~/.upkuajing/.env, which is sensitive credential handling beyond the stated search purpose. Local credential storage creates risk of unintended disclosure, reuse by other processes, and long-lived secret persistence without clear consent or secure secret management.

Context-Inappropriate Capability

Severity: High
Confidence: 96%
Finding
The documented top-up flow creates payment orders and sends payment URLs, which is a billing/payment function unrelated to basic company search. Payment initiation is high-risk because it can lead to unauthorized charges, social engineering, or pressure to complete transactions through agent-mediated flows.

Credential Access

Severity: High
Category: Privilege Escalation
Content
"envFilePath": str(env_file)
        }

    # Save to the .env file
    try:
        with open(env_file, 'w', encoding='utf-8') as f:
            f.write(f"{API_KEY_ENV}={api_key}\n")
Confidence: 72%
Finding
.env

VirusTotal

66/66 vendors flagged this skill as clean.