ClawHub

野狐棋谱下载

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Foxwq Go game-record downloader that makes disclosed outbound requests and saves SGF files locally, with usage cautions but no artifact-backed malicious behavior.

Install dependencies in a Python virtual environment, use API mode for historical games when possible, only use WebSocket mode with trusted Foxwq links, set --limit and --output-dir explicitly for nickname downloads, and do not rely on the skill's own security-audit statement as independent assurance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill performs network access, reads environment variables, and writes files, but does not declare these capabilities as permissions. This creates a transparency and policy-enforcement gap: a host may invoke the skill without realizing it can access external services and persist data locally, increasing the chance of unintended data exposure or unsafe execution contexts. The repeated 'safe' assurances in the skill text should not reduce concern; they make accurate permission disclosure more important.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases include broad terms such as '野狐围棋' and '棋谱下载', which could match ordinary conversation and cause the skill to activate unexpectedly. Because the skill can make network requests and write downloaded content to disk, accidental invocation expands the attack surface and may lead to unintentional external access or file creation. In this context, the broad trigger is more concerning than it would be for a purely informational, non-side-effecting skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal