ClawHub

Alibaba Price Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Alibaba search URL helper with a disclosed tracking parameter and no evidence of hidden data access, persistence, or destructive runtime behavior.

Install this skill only if you are comfortable with Alibaba search URLs including traffic_type=ags_llm for analytics or attribution. Avoid using it for sensitive procurement searches where the search terms or attribution tag should not be sent to Alibaba.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Low
Confidence
81% confidence
Finding
The README primarily frames the skill as finding and comparing Alibaba wholesale prices, but then explicitly documents that all generated URLs include a tracking parameter for analytics and attribution. That is not merely omitted detail; it states an additional intent beyond price finding, creating a mild documentation-level divergence between the apparent user-facing purpose and the embedded tracking behavior.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This is a markdown file, so SQP-2 applies to missing warnings about behaviors that affect privacy. The description highlights price comparison features, but only later notes that all URLs include a tracking parameter for analytics and attribution, without an upfront warning to users that generated links include tracking metadata.

Missing User Warnings

Low
Confidence
95% confidence
Finding
Line L13 deletes an existing skill package file via `rm -f`, which is a file-destructive operation. Although the script prints high-level publishing status, it does not specifically disclose that it will remove an existing artifact, nor does it ask for confirmation before doing so.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
cd "$SKILL_DIR"

# Repackage
rm -f $SKILL_NAME.skill 2>/dev/null || true
python3 scripts/package_skill.py .
mv .skill $SKILL_NAME.skill
Confidence
95% confidence
Finding
rm -f $SKILL_NAME.skill 2>/dev/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal