掘金自动发布 (Juejin auto-publish)

Security checks across malware telemetry and agentic risk

Overview

This skill has a legitimate publishing purpose, but it asks users to persist a full Juejin login cookie and enables automated public posting without enough safety guidance.

Review before installing. Only use this with a Juejin account you are comfortable automating, treat the cookie like a password, avoid storing it in shared or committed files, inspect the referenced Python scripts before running them, and disable automatic or batch publishing unless you have clear manual review controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill instructs users to store a full authenticated Juejin cookie in a local config file and use it for automation, but it does not clearly warn that this cookie is a bearer credential that can grant account access if exposed. Because the skill is specifically designed to automate actions on a third-party account, the absence of credential-handling guidance materially increases the risk of account takeover or unauthorized posting.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill documents sending the user's authentication cookie to the Juejin API as part of publishing, but it does not provide an explicit warning that account credentials and article content are being transmitted over the network to a third party. In this context, users may unknowingly expose session credentials or automate privileged actions without understanding the security implications.

VirusTotal

55/55 vendors flagged this skill as clean.