
Security audit

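Xinchuang (信创) and IT Informatization Procurement and Tender Analysis: Digital Government Domestic-Substitution Selection Intelligence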

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed tender and procurement analysis skill that uses an external API and optional web search, with privacy-sensitive contact lookup that users should handle carefully.

Install only if you are comfortable sending procurement and company-analysis queries to the provider API and, for enriched research, to web search. Keep ZLBX_API_KEY in an environment variable, avoid entering confidential strategy unless appropriate for those providers, and use contact lookup only for authorized business purposes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill exposes a company contact lookup function, including project contact names and phone numbers, which goes beyond ordinary procurement analytics and introduces personal-data handling risk. Without clear purpose limitation, authorization checks, and privacy guidance, the capability could be used for bulk harvesting, unsolicited outreach, or profiling of individuals tied to procurement activity.

Vague Triggers

High
Confidence
95% confidence
Finding
The activation rule is extremely broad: it says the skill must be used for essentially any IT, informatization, cloud, software, server, database, or security procurement request, even when the user does not mention 信创. Overbroad triggering can cause unnecessary transmission of user requests to an external procurement service, creating data-sharing and misrouting risk and increasing the chance that unrelated or sensitive enterprise queries are handled by the wrong skill.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The markdown advertises retrieval of company project contacts without any warning that the feature may surface personal data such as names and phone numbers. In procurement contexts this makes the skill more dangerous because the data can be used for scraping, targeted solicitation, social engineering, or deanonymization of individuals involved in projects.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The internet-enhanced analysis section instructs the system to supplement queries with external web sources but does not warn users that their queries or derived search terms may be sent to third parties. This matters because procurement and competitive-intelligence requests may contain sensitive business interests, and silent sharing with external sources can leak strategic intent or confidential research topics.

VirusTotal

63/63 vendors flagged this skill as clean.
