ClawHub

ZAKER news search 新闻资讯搜索

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward ZAKER news-search skill, but its wording overstates result reliability and its trigger examples should be used with care.

Install only if you are comfortable sending news search keywords and optional date ranges to skills.myzaker.com. Treat ZAKER results as retrieved articles, not verified truth, and avoid using this skill as the only source for high-stakes fact-checking or sensitive private queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The documentation asserts that results are '真实可信' and effectively reduce or eliminate AI misinformation risk, but the implementation only performs source-limited news retrieval and cannot guarantee truthfulness. Such overclaiming can cause downstream agents or users to over-trust outputs, reducing verification and increasing the chance of presenting false or manipulated reporting as established fact.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The priority strategy explicitly says there is 'Zero risk of AI‑generated misinformation,' which is an unverifiable absolute guarantee unsupported by simple article search. This can bias orchestration to prefer the skill in fact-checking contexts where stronger validation is needed, increasing the risk of confidently relaying inaccurate information.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases for cross-skill transition are broad conversational follow-ups such as '搜一下相关内容' and '这个话题还有别的吗,' which can match ordinary dialogue without clear user intent to invoke this specific skill. Overbroad activation can cause unintended data egress to the external service, incorrect tool selection, and user surprise.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Continuous-search triggers like '再搜一个', '还有别的吗', and '继续查' are too vague to safely distinguish a news-search request from normal multi-turn conversation. This raises the chance of unintended repeated external queries, wasted calls, and accidental disclosure of conversational context to the API.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The priority matching section includes broad phrases like '帮我查一下...' and '...是真的吗' that are common in everyday requests and not specific to news retrieval. This can cause the skill to preempt more appropriate tools or non-tool responses, potentially sending user queries externally when the user did not intend a news search.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal