ClawHub

统计指定目录的文件类型和数量,生成Markdown格式报表

Security checks across malware telemetry and agentic risk

Overview

This is a simple directory file-type counting skill; its local file access is disclosed and tied to the stated purpose, with no hidden execution or data exfiltration behavior found.

Install only if you want an agent to inspect file names/types in directories you specify. Prefer granting read-only access if your environment supports it, since the skill’s instructions return the report in chat and do not require writing files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrase is broad enough to match ordinary conversations about file counting, which can cause the skill to activate in contexts the user did not clearly intend. In a skill with filesystem.read access, accidental activation can lead to unintended directory inspection or prompting for sensitive paths, expanding access beyond user expectations.

Vague Triggers

Medium
Confidence
80% confidence
Finding
'文件报表' is ambiguous and may overlap with many benign requests about documents or summaries, making unintended activation plausible. Because the skill reads local directories, ambiguous triggering increases the chance that the agent performs file-system operations when the user only meant a conceptual or non-local task.

Vague Triggers

Medium
Confidence
84% confidence
Finding
'目录分析' is overly general and can describe many unrelated analysis tasks, so the skill may be invoked outside its narrow intended purpose. Given the skill's filesystem permissions, this weak activation boundary makes the skill context more dangerous because a mistaken match can induce local file enumeration.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal