ClawHub

Skill Finder Cn 1.0.1

Security checks across malware telemetry and agentic risk

Overview

This is a visible ClawHub skill search helper that can lead users to install other skills, but its behavior is disclosed and aligned with its purpose.

Use this skill for finding ClawHub skills, but review any recommended skill's source, publisher, permissions, and purpose before running `clawhub install`. Non-Chinese users should be aware that the skill is designed to present results in Chinese.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad enough to match common requests like 'find a skill' or general help-seeking, which can cause the skill to activate outside its intended scope. Over-broad activation can hijack normal assistant behavior, leading users into installation/search flows they did not explicitly request and increasing exposure to untrusted third-party skills.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The activation examples describe very general user intents ('is there a skill that can...', 'find a skill that does X') without constraining the source, trust boundary, or when a normal assistant response should be preferred. This increases the chance of inappropriate invocation and can funnel users toward discovering and installing external content based on ambiguous prompts.

Natural-Language Policy Violations

Medium
Confidence
83% confidence
Finding
Mandating Chinese output without user choice can override user intent and reduce transparency, especially if the user operates in another language and may misunderstand installation or verification steps. In a security-sensitive flow involving external skill discovery and installation, language mismatch can impair informed consent and safe review of results.

Natural-Language Policy Violations

Low
Confidence
74% confidence
Finding
Reinforcing a Chinese-only output policy in the update notes suggests the language restriction is intentional and persistent rather than incidental. While not directly enabling code execution, it can still degrade user understanding and increase the risk of mistaken installations or missed warnings when users expect another language.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal