Xuanself

Security checks across malware telemetry and agentic risk

Overview

Xuanself is a coherent market-research reporting skill: it performs the expected web/API research and generates Word (DOCX) reports locally, but users must handle their API keys carefully.

Install only if you are comfortable with live web/API searches, local DOCX file creation, and storing your own API keys locally. Use limited-scope keys where possible, do not commit or share data_sources.json after filling it in, and review generated reports and output paths before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Missing User Warnings

Medium severity, 95% confidence
Finding
The document explicitly instructs users to place API keys directly into a local JSON file but provides no guidance on secret handling, file permissions, exclusion from version control, or safer alternatives such as environment variables. This increases the chance of accidental credential exposure through backups, repository commits, shared home directories, or support bundles, especially because the skill is designed for operational use with third-party services.
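As an added illustration of the mitigation this finding asks for (example code written for this page, not part of the Xuanself skill): a loader that prefers an environment variable, otherwise reads data_sources.json only when the file is not group- or world-readable, and warns when the file is not listed in a sibling .gitignore. The service name web_search, the XUANSELF_<SERVICE>_API_KEY naming scheme and the JSON layout {"web_search": {"api_key": ...}} are assumptions; data_sources.json is the file name the skill's own instructions use.

```python
"""Safer API-key loading for a skill that stores keys in data_sources.json.

Added example, not the skill's own code. Assumed layout of the JSON file:
{"<service>": {"api_key": "..."}}; assumed env var naming:
XUANSELF_<SERVICE>_API_KEY. Both are illustrative choices.
"""
import json
import os
import stat
import tempfile
import warnings
from pathlib import Path


class SecretConfigError(Exception):
    """Raised when a key is missing or the key file is unsafe to read."""


def env_var_name(service: str) -> str:
    # Hypothetical scheme: "web_search" -> XUANSELF_WEB_SEARCH_API_KEY
    safe = "".join(c if c.isalnum() else "_" for c in service.upper())
    return f"XUANSELF_{safe}_API_KEY"


def check_file_permissions(path: Path) -> None:
    """Refuse a key file that other users on the host could read.

    POSIX mode bits are not authoritative on Windows, so the check is skipped
    there (assumption: os.name == "nt" means Windows).
    """
    if os.name == "nt":
        return
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise SecretConfigError(
            f"{path} is group/world accessible (mode {oct(mode)}); "
            f"fix with: chmod 600 {path}"
        )


def is_git_ignored(path: Path) -> bool:
    """Heuristic: does a .gitignore next to the file list it by name?

    A full check would shell out to `git check-ignore`; this version avoids
    requiring git and only understands a plain file-name pattern.
    """
    gitignore = path.parent / ".gitignore"
    if not gitignore.exists():
        return False
    patterns = [line.strip() for line in gitignore.read_text().splitlines()]
    return path.name in patterns or f"/{path.name}" in patterns


def load_api_key(service: str, config_path: Path, environ=None) -> str:
    """Return the API key for `service`: environment first, then the JSON file.

    The file is only consulted when its permissions are restrictive; a file
    that is not git-ignored produces a warning, since it may legitimately live
    outside any repository.
    """
    environ = os.environ if environ is None else environ
    key = environ.get(env_var_name(service))
    if key:
        return key.strip()
    if not config_path.exists():
        raise SecretConfigError(
            f"{env_var_name(service)} not set and {config_path} not found"
        )
    check_file_permissions(config_path)
    if not is_git_ignored(config_path):
        warnings.warn(f"{config_path.name} is not listed in {config_path.parent / '.gitignore'}")
    data = json.loads(config_path.read_text(encoding="utf-8"))
    entry = data.get(service)
    key = entry.get("api_key") if isinstance(entry, dict) else None
    if not key:
        raise SecretConfigError(f"no api_key for {service!r} in {config_path}")
    return key


def demo() -> dict:
    """Constructed scenario in a temporary directory; returns each outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        cfg = Path(tmp) / "data_sources.json"
        cfg.write_text(json.dumps({"web_search": {"api_key": "file-key-123"}}))
        (Path(tmp) / ".gitignore").write_text("data_sources.json\n")
        cfg.chmod(0o600)  # owner-only: accepted
        results["from_file"] = load_api_key("web_search", cfg, environ={})
        # Environment wins even when the file holds a key
        results["from_env"] = load_api_key(
            "web_search", cfg, environ={"XUANSELF_WEB_SEARCH_API_KEY": "env-key-456"}
        )
        cfg.chmod(0o644)  # world-readable: rejected on POSIX
        try:
            load_api_key("web_search", cfg, environ={})
            results["world_readable"] = "accepted"
        except SecretConfigError:
            results["world_readable"] = "rejected"
        results["gitignored"] = is_git_ignored(cfg)
    return results


if __name__ == "__main__":
    print(demo())
```

The ordering matters: a key supplied through the environment never touches disk, so backups, support bundles and repository commits cannot pick it up, while the permission check catches the common case of a data_sources.json created with a default 0644 umask in a shared home directory.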

Vague Triggers

Medium severity, 85% confidence
Finding
The README advertises activation via broad natural-language phrases such as '生成俄罗斯血糖检测设备市场报告' ("generate a market report on blood glucose testing devices in Russia") and similar requests, without clearly scoping when the skill should or should not take over. In an agent environment this can cause unintended invocation during ordinary conversation, leading the skill to autonomously perform searches, collect external data, and generate reports when the user may not have explicitly opted in to this workflow.

Natural-Language Policy Violations

Medium severity, 82% confidence
Finding
The documentation states that the report output is in Chinese by default, with Russian terminology appended, but does not indicate any user choice, locale detection, or opt-in for language selection. This can cause the agent to produce deliverables in an unintended language, which is a workflow-integrity and usability issue and may also lead to mismatched user expectations in multilingual environments.

VirusTotal

66/66 vendors flagged this skill as clean.
