AI Translator Pro by YQG

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only translation skill with optional output delivery to chat, files, or Feishu, and it does not show hidden code, credential use, automatic export, or destructive behavior.

Install is reasonable for translation use. Use chat output for sensitive content unless you intentionally want a file or Feishu document, and confirm the destination before writing or overwriting translated documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The manifest advertises the skill as 'zero dependencies — pure prompt-driven,' but the body explicitly includes file-writing and Feishu document operations. This mismatch is security-relevant because it hides effective capabilities from reviewers and users, undermining informed consent and making downstream automation more likely to grant broader trust than warranted.

Context-Inappropriate Capability

Medium
Confidence: 81%
Finding
Feishu document creation/writing expands the skill from passive translation into external data exfiltration or persistence. In a translator context, user-provided text may contain confidential business, legal, or medical content, so silently routing output into a third-party system materially increases privacy and leakage risk.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
Allowing translated content to be written to a specified path or overwrite originals creates a direct file-modification capability beyond simple translation. In an agent setting, that can be abused to alter sensitive files, clobber source documents, or persist attacker-influenced content in arbitrary locations if path constraints and confirmation are absent.

VirusTotal

63/63 vendors flagged this skill as clean.
