ClawHub

Salary Research

Security checks across malware telemetry and agentic risk

Overview

This salary lookup skill may be useful, but it also points users toward internal compensation-data uploads and runs an unreviewed local salary command, so it needs careful review before use.

Install only if you trust the external salary-natural binary and understand where any uploaded salary data goes. Do not use the enterprise upload features with confidential compensation records unless the publisher documents storage location, retention, deletion, access controls, and authorization requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill metadata and top-level description present the capability as salary querying and report generation, but the documentation also introduces internal enterprise data upload, querying, and reporting workflows. This expands the operational scope into handling potentially sensitive internal compensation data without clearly declaring that capability, which can mislead reviewers, users, or policy enforcement systems about the actual data access and retention risks.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The natural-language trigger conditions include broad everyday phrases such as '查一下', '看看', and '帮我查', which can cause the skill to activate in contexts where the user did not intend salary research. In a skill that may scrape external sources or process internal salary datasets, overbroad triggering increases the chance of unintended data access, network activity, or disclosure in response to ambiguous requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly states that it may call public recruitment APIs, scrape websites, and upload internal enterprise data, yet it provides no warning about privacy, authorization, data provenance, terms-of-service compliance, or the sensitivity of compensation records. This is dangerous because users may provide proprietary salary data or trigger collection from sources with legal or policy restrictions without informed consent or safeguards.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal