C Drive Cleanup Assistant (C 盘清理助手)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Windows C-drive cleanup helper, but users should handle its credentials and file-migration features carefully.

Install only if you intend to let an agent inspect a Windows C drive through WinRM. Use secure credential storage, change certificate validation to a trusted/verified mode, avoid setting MIGRATION_TARGET unless you want files copied off the Windows host, and review every proposed delete or migration action before confirming.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The listed trigger phrases are very broad (e.g. generic requests to scan or clean the C drive) and can be activated by ordinary user language without a strong, explicit boundary that this skill is being invoked. In a destructive-capable skill that can scan, migrate, and potentially delete files, ambiguous activation increases the chance of unintended execution or escalation from a casual request into sensitive filesystem operations.

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger phrases include broad natural-language commands such as “清理 C 盘” (“clean up the C drive”), “扫描 C 盘” (“scan the C drive”), and “查找大文件” (“find large files”), which are likely to overlap with ordinary user conversation. In a skill that can initiate disk scanning, cleanup planning, and data migration, accidental invocation increases the chance of unintended sensitive file enumeration or a workflow that leads users into destructive or exfiltration-capable actions.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The skill content is written entirely in Chinese and includes hardcoded Chinese interaction phrases without indicating any option for the user to choose another language. This can reduce informed consent and operational clarity for users who do not read Chinese, especially in a file-management context where misunderstandings about confirmations or destructive actions could lead to mistakes.

VirusTotal

65/65 vendors flagged this skill as clean.
