HiFi Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed HiFi review assistant that retrieves public audio evidence and runs local read-only analysis scripts, with no signs of credential access, persistence, destructive behavior, or hidden data flows.

Install if you want evidence-based HiFi reviews and are comfortable with the skill searching public measurement/review sources. Be aware that it may trigger implicitly for audio gear evaluation prompts and its long-form mode is Chinese-primary unless you direct the agent otherwise.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

High
Confidence: 95%
Finding
A superlative subjective statement ('Best soundstage ever.') exceeds the stated objective, evidence-grounded scope of the skill and is especially risky because it is presented in a structured evaluation artifact. Even if not directly harmful like code execution, it can mislead users into overtrusting exaggerated, non-falsifiable conclusions as if they were rigorously derived from evidence.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
A superlative subjective statement ('Best soundstage ever.') exceeds the stated objective, evidence-grounded scope of the skill and is especially risky because it is presented in a structured evaluation artifact. Even if not directly harmful like code execution, it can mislead users into overtrusting exaggerated, non-falsifiable conclusions as if they were rigorously derived from evidence.

Vague Triggers

Medium
Confidence: 87%
Finding
The default prompt is broad product-evaluation language that can easily match ordinary user requests about audio gear, and the policy explicitly allows implicit invocation. That combination increases the chance the skill is triggered without clear user intent, causing unscoped web/search-driven behavior and unsolicited third-party content retrieval during normal conversation.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The template hard-codes Chinese-language output targets (for example, CJK length requirements and Chinese section text) without any indication that the user's language preference should be checked first. This can override user intent, reduce usability for non-Chinese users, and create prompt steering behavior that makes downstream outputs less aligned with the actual request.

Vague Triggers

Medium
Confidence: 90%
Finding
The rule allows the long-form mode to activate not only on explicit user requests but also when the model 'judges a deep writeup is wanted'. That creates nondeterministic behavior and weakens user-intent boundaries, making it easier for the system to over-trigger a costly or unwanted response format without clear authorization. In this skill, that mainly affects control-flow predictability and user experience rather than creating direct code-execution risk.

VirusTotal

62/62 vendors flagged this skill as clean.
