GitHub Trusted Source Verification (GitHub可信来源验证)

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it tells agents to profile GitHub developers across social platforms and make trust judgments using weak, region-specific signals.

Install only if you need public-profile correlation for a specific GitHub account. Treat results as limited identity-matching clues, not a trust score, hiring judgment, or safety verdict; avoid using absence from regional social platforms as negative evidence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium (91% confidence)
Finding
The invocation examples are broad and loosely scoped, which can cause the skill to trigger for generic trust-assessment requests without clear user consent or boundaries. In this context, that is risky because the skill performs reputation judgments about people and may encourage overconfident conclusions from weak signals such as social-media presence.

Natural-Language Policy Violations

Medium (96% confidence)
Finding
The skill is explicitly limited to '中国开发者' ("Chinese developers") and treats presence on Chinese social platforms as a proxy for whether a developer is '可信' ("trustworthy"), which introduces nationality-based profiling and unjustified differential treatment. This is dangerous because it can produce biased or discriminatory assessments, pressure the agent to make trust decisions on protected or sensitive attributes, and falsely equate social-media visibility with legitimacy.

Vague Triggers

Medium (87% confidence)
Finding
The skill can be invoked for broad requests like checking whether an author is 'reliable' without defining clear boundaries, evidence standards, or permitted use cases. This increases the chance the agent will perform subjective reputation assessments or identity investigations on individuals with insufficient user intent validation, creating privacy, fairness, and misuse risks.

Missing User Warnings

Medium (95% confidence)
Finding
The skill describes searching across multiple external social platforms to assess a person's identity and credibility, but it does not warn users that this involves cross-platform profiling of an individual. That omission is dangerous because users may not understand the privacy implications, and the agent may aggregate personal data into a de facto trust score without meaningful consent or transparency.

Natural-Language Policy Violations

Medium (84% confidence)
Finding
The skill is explicitly scoped to verifying 'Chinese developers' using China-specific platforms, without offering user choice or justifying the regional restriction. This is risky because it bakes nationality/locale-based assumptions into identity and trust evaluation, which can produce discriminatory or misleading outcomes and encourages biased treatment based on region-specific social media presence.

VirusTotal

No VirusTotal findings
