ClawHub

效率中枢

Security checks across malware telemetry and agentic risk

Overview

This is a productivity helper, not malware, but it asks for broad permission to search, save, schedule, and delegate tasks from vague phrases without clear confirmation controls.

Install only if you are comfortable with a skill that may search private chats/files, save content to memory files, create backups, schedule reminders, use web lookup, and route requests to other skills. Use explicit confirmations before saving, backing up, scheduling, searching private content, or sending queries to the web.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger phrases are extremely broad (e.g. '效率', '日常', '帮我做', '太忙了', '没时间') and overlap with normal conversation, which can cause the skill to activate unintentionally. Because this skill can search chats, save data, and set reminders, accidental invocation could lead to unintended data access, persistence, or side effects.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill presents itself as a one-stop handler for broad daily needs without defining firm scope boundaries, making intent resolution ambiguous. In practice this increases the chance the agent routes unrelated requests into a skill that performs searching, saving, or delegation to other skills, which expands the risk of overreach.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill advertises saving conversations, recording ideas, backups, reminders, and timed tasks, but does not warn users that data may be persisted or that system state may change. Users may unknowingly authorize storage of sensitive content or creation of reminders/tasks they did not intend to persist.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The examples explicitly describe writing to MEMORY.md, logging conversations, searching memory files, and calling cron to set reminders, yet they omit any warning or confirmation step. Demonstrating side-effectful behavior as the default encourages silent file writes and scheduling operations that may expose private data or create unintended automation.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases in this section are extremely broad everyday expressions such as asking for help or saying one is busy. In an agent skill, ambiguous triggers can cause accidental invocation of autonomous behavior, leading the system to perform actions the user did not explicitly intend, especially when paired with '自动判断 → 执行'.

Vague Triggers

Medium
Confidence
88% confidence
Finding
Search commands like '找X', '搜一下X', and '查一下X' are underspecified and may match ordinary conversation without making clear whether local memory or external resources will be queried. This increases the risk of unintended data access or network actions from casual user phrasing.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
These commands write conversation data or user content to persistent storage, including memory files and backups, without warning the user that data will be retained. Silent persistence can expose sensitive personal or business information to later retrieval, over-collection, or unintended sharing.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes web search and fetch behavior without notifying users that their query may be sent to external services. This creates privacy and data-handling risk because sensitive prompts or identifiers could leave the local environment unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal