
Security audit

招中标数据智能体-AI驱动的标讯分析Agent (Tender and Bid Data Agent: an AI-driven tender-notice analysis agent)

Security checks across malware telemetry and agentic risk

Overview

This tender-analysis skill is mostly coherent, but it needs review because it broadly routes business questions to a third-party API, can retrieve project contacts, and advertises under-documented WeChat/email alerts.

Review before installing. Use it only when you are comfortable sending tender, company, supplier, and market-analysis queries to the documented third-party API. Keep the API key in the environment, not in chat. Treat returned contact details as personal or sensitive business data, and do not use the scheduled WeChat/email push feature unless the provider clearly explains what contact information is stored, how alerts are authorized, and how they can be stopped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 89%
Finding
The skill advertises proactive WeChat/email push-task setup even though the declared integration surface only exposes tender-analysis APIs and an API key requirement. This expands expected behavior into outbound notification workflows that may require additional data collection, user contact handling, and external actions not transparently scoped or permissioned in the skill definition.

Vague Triggers

Severity: High
Confidence: 95%
Finding
The activation rule says the skill must be used for a very broad set of requests, including generic procurement, supplier, competitor, and market-share analysis even when the user does not mention tendering. That can cause the agent to route unrelated business-analysis prompts into this skill, unnecessarily sending user queries and possibly sensitive company information to an external third-party API.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding
The tool list includes retrieval of company project contact information but does not present a prominent privacy warning at introduction time. This normalizes access to personal contact data without clear notice, purpose limitation, or safeguards, increasing the risk of privacy violations and misuse for unsolicited outreach or profiling.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The contact-lookup section provides direct examples for fetching project contacts, including role-based filtering, with no accompanying warning that the results may contain sensitive personal information. Operational examples make the risky behavior easier to invoke and scale, which increases the chance of scraping, lead harvesting, or unauthorized outreach.
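The findings above (the over-broad activation rule, the API key that should stay in the environment, and the unflagged contact data) can be acted on with a thin wrapper placed in front of the skill. The following is an added example written for this audit page, not code from the skill or from SkillSpector: it contrasts the broad trigger with a narrow one that requires explicit tendering intent, refuses to proceed when a credential appears in chat text, loads the key from the environment only, and masks phone numbers and e-mail addresses in contact records while flagging that personal data was present. The keyword lists, the TENDER_API_KEY variable name, the contact field names and the sample prompts are all constructed assumptions.

```python
"""Mitigation wrapper for a tender-analysis agent skill (added example).

Nothing here is taken from the skill itself: keyword lists, the
TENDER_API_KEY variable name, the contact field names and every sample
input are constructed for illustration.
"""
import os
import re
from typing import Optional, Tuple

# Constructed: terms that signal explicit tendering intent.
TENDER_TERMS = ("tender", "bid", "招标", "中标", "投标", "标讯", "采购公告")

# Constructed: generic business-analysis terms that the skill's over-broad
# activation rule also captures. Alone, they must not trigger an API call.
GENERIC_TERMS = ("procurement", "supplier", "competitor", "market share",
                 "采购", "供应商", "竞争对手", "市场份额")

KEY_ENV = "TENDER_API_KEY"  # assumed variable name

# Something that looks like a credential pasted into a message, e.g.
# "api key: <long token>". Long enough to avoid matching ordinary words.
KEY_IN_CHAT = re.compile(
    r"(?i)\b(?:api[_ -]?key|token|secret)\b\s*[:=]?\s*['\"]?([A-Za-z0-9_\-]{16,})")

PHONE_FIELDS = ("phone", "mobile")  # assumed record field names
EMAIL_FIELDS = ("email",)


def _mentions(text: str, term: str) -> bool:
    """Whole-word match for ASCII terms (plural 's' allowed); substring
    match for Chinese terms, which have no word boundaries."""
    if term.isascii():
        return re.search(rf"(?<![a-z]){re.escape(term)}s?(?![a-z])", text) is not None
    return term in text


def broad_trigger(query: str) -> bool:
    """The rule the finding objects to: any procurement, supplier,
    competitor or market-share question is routed, tendering or not."""
    q = query.lower()
    return any(_mentions(q, t) for t in TENDER_TERMS + GENERIC_TERMS)


def narrow_trigger(query: str) -> bool:
    """Route to the skill only when tendering is explicitly mentioned."""
    q = query.lower()
    return any(_mentions(q, t) for t in TENDER_TERMS)


def key_pasted_in_chat(message: str) -> bool:
    """True when the message carries something that looks like an API key."""
    return KEY_IN_CHAT.search(message) is not None


def load_api_key(env=None) -> str:
    """Take the key from the environment only, never from conversation text."""
    env = os.environ if env is None else env
    key = env.get(KEY_ENV)
    if not key:
        raise RuntimeError(f"{KEY_ENV} is not set; refusing to call the API")
    return key


def mask_phone(phone: str) -> str:
    digits = re.sub(r"\D", "", phone)
    if len(digits) <= 4:
        return "****"
    return "*" * (len(digits) - 4) + digits[-4:]


def mask_email(email: str) -> str:
    local, sep, domain = email.partition("@")
    if not sep:
        return "***"
    return local[:1] + "***@" + domain


def redact_contact(record: dict) -> Tuple[dict, bool]:
    """Copy of the record with direct contact channels masked, plus a flag
    saying whether it contained personal contact data at all."""
    out, personal = dict(record), False
    for field in PHONE_FIELDS:
        if out.get(field):
            out[field], personal = mask_phone(str(out[field])), True
    for field in EMAIL_FIELDS:
        if out.get(field):
            out[field], personal = mask_email(str(out[field])), True
    return out, personal


def prepare_request(query: str, env=None) -> Optional[dict]:
    """Gate one user query: None if it must not reach the external API,
    otherwise the request parameters (the key itself is never echoed)."""
    if key_pasted_in_chat(query):
        raise ValueError("credential found in chat text; move it to the environment")
    if not narrow_trigger(query):
        return None
    return {"query": query, "auth": "env:" + KEY_ENV, "key_len": len(load_api_key(env))}


if __name__ == "__main__":
    for s in ("Which suppliers have the largest market share in industrial valves?",
              "Find open tenders for hospital equipment in Guangdong",
              "帮我分析一下这个供应商的市场份额",  # constructed: supplier market share
              "最近有哪些医疗设备的招标公告"):      # constructed: recent tender notices
        print(f"broad={broad_trigger(s)!s:5} narrow={narrow_trigger(s)!s:5} {s}")
    print(redact_contact({"role": "project lead", "phone": "13800138000",
                          "email": "zhang.wei@example.com"}))
```

Running the block shows the first and third prompts (a supplier market-share question in English and in Chinese) pass the broad rule but not the narrow one, so they never leave the host; a real deployment would replace the keyword lists with whatever intent signal the agent framework provides and attach a privacy notice whenever `redact_contact` reports personal data.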

VirusTotal

VirusTotal findings are pending for this skill version.
