[Official] Knowledge Planet · Topic Management Tool

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Knowledge Planet topic-management helper, with visible account-changing powers that match its purpose but require careful user confirmation.

Install only if you want an agent to operate your Knowledge Planet account through zsxq-cli. Before posting, editing, replying, answering, tagging, setting digest status, or deleting, verify the exact group_id or topic_id, target content, and final text; treat topic deletion as permanent and verify the zsxq-cli binary comes from a source you trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description is very broad and covers many common content-management actions such as searching, posting, editing, commenting, deleting, and managing tags. In an agent setting, overly broad routing criteria can cause the skill to be invoked for loosely related requests, increasing the chance of unintended destructive or privacy-sensitive actions like posting, editing, or deleting content in the user's account.

Natural-Language Policy Violations

Medium
Confidence: 74%
Finding
The skill metadata and description are written only in Chinese and indicate Chinese-language operation without any stated locale negotiation or user-choice mechanism. This can cause the wrong skill to be selected or produce content in an unexpected language, which may confuse users and increase the risk of mistaken approval of sensitive actions in a content-management workflow.

VirusTotal

62/62 vendors flagged this skill as clean.
