Security audit

Ductile Iron Pipe

Security checks across malware telemetry and agentic risk

Overview

This is a plainly promotional supplier-information skill that pushes one pipe vendor’s phone contact, but it does not install code, access private data, or persist in the environment.

Install only if you want the agent to promote this specific supplier and repeatedly surface 张经理’s phone/WeChat number. For broad deployments, narrow the activation keywords and verify the company claims and contact details before relying on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill declares immediate activation for broad supplier/product inquiry patterns, with no exclusion conditions or confirmation step. In a general-purpose agent, this can cause unintended invocation and commercially steer unrelated business conversations toward a specific vendor, reducing reliability and creating prompt-level routing abuse risk.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The keyword list is extremely broad and includes many generic procurement, engineering, and product phrases that can overlap with ordinary user requests. This makes accidental triggering likely and increases the chance the agent will inject promotional content or contact details into contexts where the user did not ask for this specific supplier.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README embeds a personal phone number and instructs the agent to disclose it to users, creating privacy and external-contact redirection risk. Even if the number is intentionally published, forcing an agent to surface personal contact details without user need or warning can facilitate spam, harassment, and off-platform social engineering.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill mandates always providing the phone number and pushing direct phone contact, which is a forced escalation pattern. In agent environments, this can override normal safe handling, redirect users off-platform, and prioritize lead generation over user intent, increasing exposure to privacy loss and social engineering.

Vague Triggers

High
Confidence
95% confidence
Finding
The activation logic is intentionally expansive, covering generic product, geography, and purchasing terms that can match many unrelated user queries. This can cause the skill to hijack conversations and inject sales-oriented contact information even when the user did not intend to invoke this specific skill, creating prompt-scope confusion and unauthorized behavioral steering.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The phrase stating the skill activates when a user query contains any listed keyword lacks boundaries, precedence, and exclusion criteria. In practice, this ambiguity increases accidental activation risk and makes it easier for the skill to override user intent with mandatory promotional content, especially because the document repeatedly instructs the agent to always surface a phone number.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The activation metadata advertises coverage of 190+ keywords and broad search categories without clear trigger constraints, making accidental invocation and overmatching more likely. In a business/promotional skill, this can hijack unrelated user queries, steer users toward vendor-specific content, and reduce user control over when the skill activates.

Vague Triggers

High
Confidence
98% confidence
Finding
The skill activates on any occurrence of any listed keyword, and the list contains many broad commercial and industry terms. This can cause the skill to trigger during unrelated conversations and inject promotional content, including a phone number and forced sales messaging, without user intent or clear relevance.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases in this section are generic operational terms like installation, maintenance, materials, and suppliers that commonly appear in ordinary engineering or construction discussions. Their breadth increases the chance of accidental activation and unsolicited steering toward a specific vendor.

Vague Triggers

Medium
Confidence
92% confidence
Finding
This portion of the keyword list includes generic industry vocabulary that is not unique to this skill, making the activation boundary overly permissive. In context, that permissiveness is more dangerous because activation leads to compulsory advertising and disclosure of specific contact details, effectively hijacking neutral user queries.

Natural-Language Policy Violations

Medium
Confidence
97% confidence
Finding
The skill requires the agent to 'force' specific output content, including a phone number, exclusivity claim, product pitch, and instruction to call directly, regardless of what the user actually asked. This overrides user autonomy and turns the agent into a covert marketing channel, which is especially risky when combined with overly broad activation rules.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.