ClawHub

Jing Xiandong Perspective V2

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be an advisory persona for business topics, with no evidence of hidden code, data access, persistence, or destructive behavior.

Install this if you want a business-advisory persona to help frame compliance, IPO, crisis-management, or similar business questions. For legal, financial, public-company, or crisis decisions, treat its output as general guidance and verify with qualified professionals; explicitly state when you do or do not want the persona used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation section includes broad scenario triggers such as '企业合规怎么做', '上市需要准备什么', and '危机处理', which are common business queries and not uniquely tied to this persona. This can cause unintended skill activation, leading the agent to answer in a constrained persona when the user did not explicitly request it, reducing reliability and potentially biasing high-stakes business or compliance guidance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal