企业战略规划 (Enterprise Strategic Planning)

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent business strategy assistant, but it solicits sensitive company information while giving inconsistent and under-scoped instructions about how user input is recorded and reused.

Review this skill before installing. It appears to be non-executable and aligned with its stated purpose, but users should avoid entering trade secrets, regulated data, customer lists, detailed financials, or confidential roadmaps unless they accept that the skill may retain or reuse that input. Treat generated Word/PPT outputs as confidential and review them before sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (8)

Intent-Code Divergence

Severity: High
Confidence: 98%
Finding:
The skill file makes a directly contradictory promise: it states that user information is used only for the current analysis, while later instructing the system to record ratings, edits, and supplementary information and to enrich a knowledge base. This creates a deceptive data-handling policy and can lead to unauthorized retention or secondary use of sensitive business information provided during strategy consulting.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding:
The 'self-evolution' mechanism introduces collection and retention of user feedback, modification history, supplementary information, and timing statistics beyond what is necessary to complete a single strategy-planning interaction. In this skill's context, users may share commercially sensitive plans, weaknesses, targets, and operational details, so unnecessary retention materially increases privacy and confidentiality risk.

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding:
Asking users to contribute anonymous industry cases for ongoing optimization is not required to deliver the core strategic consulting workflow. Even when framed as anonymous, business strategy cases are often re-identifiable from industry, timeline, targets, and contextual details, creating leakage risk for sensitive enterprise information.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding:
The file-export trigger phrases are broad, with no clear scoping, confirmation boundary, or exclusion rule. In an agent setting, ambiguous triggers can cause unintended file generation from ordinary conversation text, which may package previously supplied business data into documents without sufficiently explicit user intent.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The document describes generating Word/PPT outputs from collected enterprise information but does not clearly warn users that files will be created and exported using their supplied data. This is a data-handling transparency issue: users may not realize that sensitive business details will be materialized into shareable artifacts, increasing the risk of accidental disclosure.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding:
The skill explicitly solicits potentially sensitive business information such as company identity, revenue scale, strategic weaknesses, competitive gaps, customers, suppliers, and internal capabilities, but offers only a vague assurance that data is 'only for this analysis' without a real privacy notice, retention policy, minimization guidance, or consent boundary. In a strategic consulting context, these inputs can reveal commercially sensitive intelligence that could harm the user if stored, reused, or exposed.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding:
The skill promises final Word/PPT deliverables derived from the user's strategic planning inputs, but does not warn that those outputs may embed sensitive commercial information collected earlier in the workflow. This increases the risk of accidental disclosure through file sharing, broader distribution, or unsafe downstream handling, especially because strategic plans often consolidate the most confidential elements of a business.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The guidance instructs the system to record satisfaction ratings, modification records, supplementary user information, and timing statistics, but does not require a clear user warning or consent flow describing retention and downstream use. In a strategy-planning skill, these records can contain sensitive commercial information, which makes silent logging particularly risky.

VirusTotal

64/64 vendors flagged this skill as clean.