Interactive Game Framework (互动游戏框架)

Security checks across malware telemetry and agentic risk

Overview

This is a local interactive game skill with no evident hidden data access, network activity, or destructive behavior.

Install this for gameplay if you trust the source. Use explicit game-start phrases to avoid accidental activation in an agent, and do not run the ClawHub login or publish commands in PUBLISH-GUIDE.md unless you intentionally want to publish or maintain the skill under your own account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 85%
Finding
The example trigger phrase uses broad natural language ('玩游戏') that can easily appear in ordinary conversation, causing the skill to activate when the user did not explicitly intend to launch a game. In an agent environment, overly broad activation can interfere with normal workflows, hijack unrelated requests, or create confusing unsolicited behavior.

Missing User Warnings

Low
Confidence: 77%
Finding
The README advertises automatic save behavior but does not clearly warn users that gameplay data may be persisted automatically. Even if the stored data is only game state, silent persistence can create privacy, consent, and data-retention issues in shared or multi-user agent environments.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill description says it can be installed on any agent and used by users at any time, while the invocation examples are generic and do not define clear activation boundaries. This can cause the skill to trigger in unintended contexts, interrupt normal agent behavior, or enable prompt-squatting style takeover of unrelated conversations when users use common game-related phrases.

VirusTotal

66/66 vendors flagged this skill as clean.
