ClawHub

OpenClaw全领域教育教学超级Skill V1.0.0

Security checks across malware telemetry and agentic risk

Overview

This education helper is coherent and local-only, with the main caveat that some features automatically create files in an output folder.

Before installing, expect it to run local Python code and create teaching artifacts under ./output when using question, lesson-plan, review-curve, or batch-paper features. Avoid passing sensitive student data unless you are comfortable with it being included in local generated files, and question any marketplace prompt for wallet or credential access because the reviewed artifacts do not need it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The natural-language triggers are broad everyday education phrases, which creates a realistic risk of unintended skill activation during normal conversation. In an agent environment, accidental invocation can cause unrequested processing or downstream side effects such as file generation, especially because the skill exposes many operational modules behind casual phrasing.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The document states that the skill may generate and save Word, Excel, and image files, but it does not clearly warn users that execution performs local file writes to ./output/. In agent or multi-tenant environments, silent persistence can create privacy, storage, and operational risks, particularly when users expect a text-only response and do not realize artifacts will be written to disk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal