ClawHub

China company search 风鸟

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Riskbird/Fengniao China company lookup skill, with some disclosure and routing cautions but no artifact-backed malicious behavior.

Install this only if you want Riskbird-backed China company due diligence and are comfortable sending company names, person names, entids, and related lookup parameters to Riskbird. Use a private FN_API_KEY only if URL-parameter credential exposure is acceptable in your environment, and be careful with ambiguous prompts because the skill may trigger for broad supplier, contract, or company-background requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill explicitly claims it covers essentially any China company search or risk-check need and is configured with auto_invoke=true, which can cause overly broad automatic triggering on generic user requests. This creates routing and data-minimization risk: the agent may invoke an external company-intelligence service without sufficiently specific user intent or confirmation, especially for broad business-assistance prompts.

Vague Triggers

Medium
Confidence
88% confidence
Finding
Several examples such as supplier verification, contract background checks, and generic company lookup language are broad enough to match common enterprise-assistant requests that may not actually require this specific external skill. In combination with auto-invoke behavior, these examples can bias the agent toward unnecessary external calls and disclosure of user-provided company or personal identifiers.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The file hardcodes a shared built-in API key and returns it whenever a user-specific key is not configured. This exposes a reusable credential to anyone with access to the skill code, enabling unauthorized use of the upstream Riskbird service, quota exhaustion, attribution confusion, and possible billing or account abuse. In a compliance/KYB skill that queries third-party company data, silently falling back to a vendor-owned shared key also obscures who is making outbound requests and under what account.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The alias "签合同" is broad everyday language that can easily appear in normal conversation without an explicit intent to invoke company due-diligence workflows. In a high-sensitivity KYB/compliance skill, accidental activation could trigger retrieval of corporate risk and registry data for an inferred target, creating privacy, relevance, and overreach concerns.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The alias "供应商" is too generic and may match ordinary business discussion rather than a deliberate request to run supplier verification. Because this skill surfaces risk, legal, and enforcement data, an overly broad trigger increases the chance of unintended background screening or unnecessary exposure of sensitive corporate intelligence.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The single-word alias "老板" is highly ambiguous and common in everyday speech, making accidental invocation likely. In this skill context, it could launch executive or company lookups based on casual conversation, which is risky because the skill is designed for compliance and counterparty screening involving potentially sensitive corporate/personnel data.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal