许君山 Persona Perspective

Security checks across malware telemetry and agentic risk

Overview

This appears to be a persona-style skill with no code execution or data access, but its broad triggers and implicit activation could make the persona apply when users did not clearly ask for it.

Install only if you want this persona to influence responses. Prefer explicit activation when drafting replies or decision advice, and be cautious about using it to impersonate a real person or communicate as someone else without consent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding
The trigger phrases include very generic requests like '帮我回消息', '帮我做判断', and '按我的风格写', which can match ordinary user intents outside this persona skill. That can cause accidental invocation, leading to unintended persona steering, impersonation-style responses, or confusion about whether the model is speaking as itself or as the named individual.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding
The skill enables implicit invocation globally without any trigger restrictions, which can cause it to activate in contexts where the user did not clearly request this persona. Because the skill is designed to mimic a specific person's voice and decision style, unintended activation can steer outputs, create impersonation risk, and reduce user awareness that a persona layer is influencing the response.

Natural-Language Policy Violations

Severity: Low
Confidence: 83%
Finding
The default prompt instructs the system to respond in a fixed persona and style, but the file does not indicate a clear user-consent mechanism beyond being the skill's description. This is lower severity than direct code execution issues, but it can still mislead users, blur authorship, or encourage unintended impersonation if the persona is applied without an explicit and informed choice.

VirusTotal

VirusTotal findings are pending for this skill version.
