龙虾玄学运势大师

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language entertainment fortune-telling persona with no code, credentials, tools, or data access. Its triggers are overly broad, and its eval metadata is inconsistent with the manifest.

Install only if you want a Chinese-language, humorous fortune-telling assistant. Treat its predictions as entertainment, and be aware it may activate on broad mood or luck-related phrases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium, 97% confidence
Finding
The evaluation file names the skill as "lobster-slacker" while the manifest context identifies it as "lobster-fortune". This inconsistency can cause the wrong evals to be associated with the skill, weakening validation coverage and potentially allowing unintended or policy-violating behavior to ship unnoticed.

Intent-Code Divergence

Medium, 91% confidence
Finding
An eval expecting "摸鱼建议" and slacking-oriented output expands behavior beyond the declared fortune-telling scope into workplace avoidance advice. Misaligned evals can train or incentivize the agent to produce off-scope content, increasing the chance of inappropriate guidance and undermining the intended safety and product boundaries.

Vague Triggers

Medium, 96% confidence
Finding
The trigger list is excessively broad and includes vague, everyday phrases such as feeling down or asking for good luck, which can cause the skill to activate in conversations where the user did not clearly request fortune-telling. This creates unintended interception risk, where the skill may override more appropriate assistants or workflows and produce unsolicited guidance in sensitive contexts.

Natural-Language Policy Violations

Medium, 83% confidence
Finding
The skill description mandates Chinese-language behavior without offering language negotiation or documenting that the skill is intentionally Chinese-only. This can lead to accessibility and usability problems, including misfires for users who match an English trigger but cannot understand the response, though it is not a direct security exploit by itself.

VirusTotal

64/64 vendors flagged this skill as clean.
