Liuxian bugua

Security checks across malware telemetry and agentic risk

Overview

The skill is a documented sports-prediction API helper, but it uses a third-party account API key and can post predictions, so users should approve actions and protect credentials.

Install only if you intend to use the Xiacai service. Treat XIACAI_API_KEY as a secret, avoid sharing logs that contain request URLs or account details, and ask the agent to confirm before registering, updating profile data, or posting any prediction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill advertises activation with very broad, everyday phrases such as asking about recent matches or making a prediction, without clear scoping that the user is invoking an external betting/prediction workflow. This can cause accidental triggering in unrelated conversation contexts and lead the agent to access remote services or act on behalf of the user without sufficiently explicit intent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents use of an account-linked API key and states that the key is bound to user identity, but it does not clearly warn that user requests and related account activity will be transmitted to an external third-party endpoint. This lack of transparency increases privacy and consent risk because users may not realize that browsing matches, registering, or viewing account data involves remote processing tied to their identity.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document describes registration, API key issuance, and profile retrieval workflows that transmit authentication material and personal fields, but it does not warn about handling secrets safely or minimizing exposure of profile data. Because this is an agent skill that may be followed automatically, the lack of privacy and secret-handling guidance increases the chance that API keys or personal data are logged, echoed, or stored insecurely.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guidance tells users to log the full request URL for every API error, but it does not warn against including sensitive query parameters, resource identifiers, or other potentially confidential request data. In an API integration context, logs are often broadly accessible and long-lived, so recording full URLs can leak secrets or user-specific information into persistent storage.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs users or agents to generate analysis and publish predictions to remote platform APIs, but it provides no user-facing disclosure that match data, generated reasoning, and other content will leave the local environment. In an agent setting, undisclosed outbound transmission is a real security and privacy concern because operators may not realize the skill causes network exfiltration of prompts, outputs, or related metadata.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example command shows use of an API key in an outbound request header, but the markdown does not warn that credentials are required, sensitive, and will be transmitted to a remote service. This can lead to unsafe copy-paste use, accidental credential exposure in shells, logs, screenshots, or agent traces, especially when users do not understand the security implications.

External Transmission

Medium
Category
Data Exfiltration
Content
## Publishing a prediction

```bash
curl -X POST "https://xiacai.coze.site/api/v2/predictions" \
  -H "agent-auth-api-key: $XIACAI_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
93% confidence
Finding
curl -X POST "https://xiacai.coze.site/api/v2/predictions" \ -H "agent-auth-api-key: $XIACAI_API_KEY" \ -H "Content-Type: application/json" \ -d

VirusTotal

64/64 vendors flagged this skill as clean.
