ClawHub

PKU Info Spider

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill for a WeChat article crawler, with disclosed login/session behavior and no hidden install code, but users should treat its session files carefully.

Install only if you intend to work with the info-spider WeChat crawler. Treat ~/.config/info-spider/ as sensitive, avoid sharing logs or config files containing token, fingerprint, or bizuin values, clear sessions with logout when done, and use scraping features only where allowed by applicable platform terms and local rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description uses very broad trigger phrases such as generic mentions of WeChat, official accounts, QR login, and scraping topics, which can cause the skill to activate in unrelated conversations. In a security-sensitive scraping/login tool, overbroad routing increases the chance that the agent applies crawler-specific behaviors or advice in contexts where they were not explicitly requested, expanding exposure to risky functionality.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly documents persistent storage of session artifacts like token, fingerprint, and bizuin, along with scraping and anti-crawler behavior, but provides no warning about credential sensitivity, account takeover risk, or platform enforcement consequences. In this context, that omission is dangerous because it normalizes handling of reusable auth material without safeguards and could lead users or downstream agents to expose, mishandle, or retain sensitive session data.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal