ClawHub

House Buying Advisor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent house-buying advice skill, but it includes explicit deceptive negotiation tactics in a high-value real-estate context.

Review the negotiation sections before installing. The skill is useful for checklists, policy verification, listing comparison, and truthful preparation, but avoid fabricated claims, impersonation, covert elicitation, or sharing unredacted bank screenshots or unnecessary financial details. Verify legal, tax, loan, and contract issues with official sources or qualified professionals.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list includes very broad, everyday terms such as 买房, 看房, 中介, and 议价, which can cause the skill to activate in conversations that are only loosely related to second-hand home purchases. Unintended invocation can expose users to irrelevant guidance, override more appropriate skills, and increase the chance that sensitive financial or housing information is elicited in the wrong context.

Natural-Language Policy Violations

Medium
Confidence
88% confidence
Finding
The metadata and content strongly constrain operation to Chinese without indicating any language negotiation or fallback, which can lead to poor user comprehension, mistaken financial decisions, or inaccessible advice for users who interact in another language. In a high-stakes domain like real-estate purchasing, language mismatch increases the risk of misunderstanding prices, loan terms, taxes, and contract guidance.

Ssd 4

Medium
Confidence
95% confidence
Finding
The file explicitly recommends deceptive persona selection and concealing the buyer's true intent to manipulate a realtor and gain negotiation advantage. While not a classic software exploit, this is unsafe behavior design: it encourages fraud-adjacent social engineering tactics and could facilitate misuse of the agent for deception, reputational harm, or unethical acquisition of sensitive information.

Ssd 3

Medium
Confidence
91% confidence
Finding
The skill directs the AI to capture a realtor's conversational disclosures in real time, cross-reference them, and preserve sensitive details such as anchor prices, prior offers, and owner circumstances for strategic use. In context, this operationalizes targeted social engineering and collection of potentially sensitive personal or negotiation data without clear minimization, consent, or use-boundary controls.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal