ClawHub

国家统计局数据采集

Security checks across malware telemetry and agentic risk

Overview

The skill does not appear malicious, but its main data-collection script can produce empty or mislabeled economic datasets while presenting them as collected NBS data.

Install only after reviewing the helper scripts and treating the crawler as unfinished. Verify any generated GDP, CPI, or PPI outputs against official NBS sources before using them, and avoid running the link checker on untrusted spreadsheets or workbooks containing private/internal links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill explicitly references local scripts, checkpoint files, raw data outputs, Excel generation, and link verification, which implies file read/write and likely shell or code execution capabilities. Having these capabilities without declared permissions weakens governance and sandboxing because an agent may perform filesystem or command actions that operators and users did not authorize or expect.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The PPI branch calls the CPI collection function and persists CPI-shaped records under a PPI filename, causing silent data integrity corruption. In a data-collection skill, this is security-relevant because downstream analysis, reporting, or policy decisions may rely on mislabeled economic data without obvious failure signals.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The script presents itself as collecting NBS data but the core fetch functions only generate placeholder records with None values and timestamps, which can mislead users into treating fabricated datasets as authentic. In this skill context, that increases the risk of poisoned analytics, false conclusions, and unsafe automation pipelines built on nonexistent source data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script extracts hyperlinks from an untrusted Excel file and automatically sends network requests to them during verification, which can leak user IP address, environment timing, and other metadata to attacker-controlled endpoints. In this skill context, workbook hyperlinks may be externally supplied, so link verification becomes an SSRF/privacy-risk style behavior without clear user warning or domain restriction.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal