crawl-for-ai

Security checks across malware telemetry and agentic risk

Overview

This is a small web-scraping helper that openly sends requested URLs to SkillBoss/HeyBoss using a required API key, with no hidden persistence or destructive behavior found.

Install only if you are comfortable sending scrape targets and resulting page-derived data to SkillBoss/HeyBoss. Avoid private, signed, internal, or authenticated URLs unless you have approval, and use a dedicated SkillBoss API key where possible so quota, billing, and revocation are easier to control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding
The skill declares a required environment variable (`SKILLBOSS_API_KEY`) but does not declare corresponding permissions, creating a mismatch between documented capability and explicit permission boundaries. This can weaken reviewability and policy enforcement because the skill can access sensitive secrets without clearly signaling that capability to users or tooling.

Missing User Warnings

Medium
Confidence: 91%
Finding
This script forwards a user-supplied URL to the external SkillBoss/HeyBoss API, which means the target URL and potentially sensitive query parameters are disclosed to a third party. In the context of a scraping skill, that data flow is expected functionality, but the lack of an explicit user-facing warning or consent mechanism creates a real privacy and data-handling risk, especially if users submit internal, signed, or otherwise sensitive URLs.

VirusTotal

65/65 vendors flagged this skill as clean.
