[Official] Knowledge Planet · User Query

Security checks across malware telemetry and agentic risk

Overview

This skill is a documented helper for using an authenticated zsxq-cli account to view the user's own Knowledge Planet profile and recent posts, and to submit confirmed feedback.

Install this only if you want the agent to use your logged-in zsxq-cli session. Treat profile JSON and footprint results as private, and review any NPS score and suggestion carefully before allowing the agent to submit feedback externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The document instructs use of a command that returns a complete logged-in user's profile, including identifiers and account-binding details, but it does not warn about sensitivity, consent, redaction, or safe handling of the output. In an agent/skill context, this increases the chance that personal data is retrieved and exposed in logs, downstream prompts, screenshots, or shared transcripts without the user realizing the privacy impact.

Vague Triggers

Medium
Confidence: 87%
Finding
The skill explicitly encourages proactive NPS prompting when the user expresses dissatisfaction, missing capabilities, or repeated friction. Because this command performs a write action to an external service, broad trigger conditions can cause the agent to steer users into submitting feedback they did not clearly request, increasing the risk of unintended external side effects and user-manipulative behavior. The surrounding cautions and confirmation requirement reduce severity, but they do not eliminate the risk created by the overbroad activation guidance.

VirusTotal

65/65 vendors flagged this skill as clean.
