ClawHub

Auto Study

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates study websites, but it gives an agent logged-in browser control, can submit quiz answers, and saves course content without strong consent or cleanup controls.

Install only if you intend to let an agent control a dedicated Chrome profile for permitted practice or coursework assistance. Do not use it for formal exams, contests, or platforms that prohibit automation. Review every answer before submission, require your own final confirmation step, use a separate browser profile, and delete saved screenshots, records, scores, and profiles when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation description is broad enough to match ordinary study-related browsing and quiz assistance, which can cause the agent to activate this skill in situations the user did not clearly intend. In this skill's context, that is risky because the workflow includes browser attachment, page interaction, answer filling, and persistent profile reuse on educational platforms, increasing the chance of unintended automation on sensitive or policy-restricted pages.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill instructs reuse of a persistent browser profile and defines storage locations for records and screenshots, but does not warn about retention of cookies, login sessions, screenshots, and study artifacts that may contain personal or educational data. In this context, the risk is elevated because the targeted platforms are authenticated learning systems, so unintended profile reuse or artifact storage can expose accounts, activity history, and sensitive course content across tasks or users.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to take a full-page screenshot and persist quiz questions and answers to local disk, but provides no user notice, consent step, retention limit, or data-minimization guidance. Because this is an educational platform page that may contain personal information, course data, and assessment content, local storage increases the risk of privacy leakage and unauthorized retention of sensitive page data.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill defines a workflow for submitting quiz answers on a platform where submission is irreversible, yet it does not require a user-facing confirmation immediately before the final submit action. In this context, the skill is automating academic quiz completion, so an unintended or incorrect submission can directly cause irreversible grade impact, academic integrity issues, and loss of user control over a high-stakes action.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to save a screenshot of the exam result page and append the final score to markdown, while earlier workflow steps also record all questions. That creates persistent storage of potentially sensitive academic data without any consent, minimization, retention, or privacy warning, increasing the risk of unauthorized disclosure or misuse of exam content and student performance information.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs the agent to create a task directory, capture screenshots of all exam questions, transcribe them into markdown, append answers, and record the final score. That is a real safety issue because it causes persistent local data creation and storage of potentially sensitive educational content and results without any user-facing consent, retention limits, or warning about modifying local files.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal