Bb Browser Openclaw

Security checks across malware telemetry and agentic risk

Overview

The skill appears useful, but it can operate through a logged-in browser session against arbitrary sites without enough explicit user control or privacy warning.

Install only if you are comfortable letting the skill interact with pages available in your logged-in browser. Use it on trusted sites, confirm the exact site and data to access before running adapter tests, and avoid sensitive accounts unless you intentionally want the agent to read that session's visible data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill invites the agent to create adapters from a broad natural-language request ('turn notion.so into a bb-browser adapter') without defining clear safety triggers, approval steps, or scope boundaries. In a browser-backed skill that operates with the user's authenticated session, this can lead to unsafe reverse-engineering or extraction workflows against arbitrary sites, increasing the risk of credential-bound data access, policy violations, or unintended scraping of sensitive content.

Missing User Warnings

Medium
Confidence: 93%
Finding
The description emphasizes convenience but does not clearly warn that commands extract data through the user's existing OpenClaw browser login state. That omission can cause users or downstream agents to run commands on sensitive sites without realizing the tool may access private, account-scoped information visible only in an authenticated session.

VirusTotal

65/65 vendors flagged this skill as clean.