拍照识万物

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only image identification skill whose behavior matches its stated purpose. The findings below concern privacy (images are forwarded to the platform's multimodal model) and overly broad trigger phrases, both of which users should understand before installing.

Install only if you are comfortable with uploaded images being processed by the platform's multimodal model. Avoid using it on IDs, private documents, faces, addresses, screens, or confidential images unless that handling is acceptable, and verify shopping or repair recommendations before buying parts or taking safety-relevant action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 91%

Finding
The trigger phrases are very broad and map to common, everyday image-help requests such as '这是什么' ('what is this') and '帮我看看' ('take a look at this for me'), which can cause the skill to activate in situations beyond the author's intended scope. In an agent ecosystem, overbroad triggering can hijack unrelated user requests, suppress more appropriate skills, and increase the chance that image content is routed into a tool that performs extra inference such as intent analysis and product recommendations.

Vague Triggers

Severity: Medium
Confidence: 95%

Finding
The trigger list includes highly generic phrases such as “这是什么” ('what is this') and “帮我看看” ('take a look at this for me'), which are common in ordinary conversation and can activate the skill outside clear image-recognition intent. In an agent environment, this can cause unintended routing, unexpected handling of user input, and inappropriate image/shopping guidance when the user did not mean to invoke this skill.

Vague Triggers

Severity: Medium
Confidence: 89%

Finding
The description says the skill triggers when users ask broad questions like “这是什么” ('what is this') or “帮我识别” ('identify this for me'), which is ambiguous because it neither requires image context nor narrows the domain. This increases the chance of accidental invocation and misclassification of user requests, especially because the skill also performs scene inference and shopping recommendations beyond simple recognition.

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The document states that when a user uploads an image, the system automatically sends that image to the model as context, but it does not mention any user notice, consent, or privacy safeguards. Images frequently contain sensitive information such as faces, documents, locations, screens, or other personal data, so silent transmission to a third-party model endpoint creates a real privacy and compliance risk.

VirusTotal

62/62 vendors flagged this skill as clean.
