ClawHub

TencentAds-miaowen-qa

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed Tencent Ads AI Q&A helper, but users should handle the Miaowen API token carefully.

Install only if you are comfortable using a Miaowen/Tencent Ads API key with this skill. Prefer configuring the token locally instead of pasting it into chat, avoid sending sensitive business or personal data in questions, and delete ~/.MIAOWEN_ACCESS_TOKEN or revoke the token when you no longer need it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to persist a user-provided access token to `~/.MIAOWEN_ACCESS_TOKEN` without an explicit up-front warning that the credential will be stored on disk. Storing secrets locally can expose them to other local processes, backups, shell-history mistakes, or later unintended reuse if the user did not knowingly consent to persistence.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script transmits the user's free-form question to a third-party Tencent Ads API, but the UX only shows basic usage/help text and does not clearly warn users that their input will leave the local environment. This can lead users to unintentionally send sensitive business data, account details, or personal information to a remote service.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill tells the user to paste their API token directly into the chat, creating a conversational credential-collection path. Chat channels may be logged, retained, reviewed, or exposed to other tools, so collecting secrets in natural language significantly increases the risk of credential disclosure and downstream account misuse.

Ssd 3

High
Confidence
99% confidence
Finding
The script tells the user to paste their API token into the chat so it can be saved automatically. Encouraging secret submission through chat is dangerous because chat transcripts may be logged, retained, exposed to operators, or leaked to downstream systems, resulting in credential compromise.

Ssd 3

High
Confidence
99% confidence
Finding
This repeats the same unsafe credential-handling pattern by asking the user to paste a newly obtained token for re-saving. Repetition increases the likelihood of secret disclosure and normalizes unsafe handling of credentials within conversational channels.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal