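Scrapes convertible bond basic data, forced-redemption countdowns, and downward-revision countdowns from Jisilu daily, with support for cookie management and local persistent storage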

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do the advertised Jisilu data scraping, but it asks for live login cookies and keeps them in a plaintext local file.

Review before installing. Only use this if you are comfortable giving a local skill reusable Jisilu session cookies. Treat references/cookie.json like a password file, keep it out of repositories and backups, restrict local access, watch cron logs, and delete or rotate the Jisilu session cookies when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium, 94% confidence
Finding
The README explicitly instructs users to extract authenticated Jisilu session cookies from the browser and provide them to the skill, then store them in a local JSON file for reuse. Session cookies are effectively bearer credentials; if exposed through local files, logs, backups, or other skills on the same system, they can enable account hijacking and unauthorized access to member-only data.

Missing User Warnings

Medium, 97% confidence
Finding
The skill instructs storing live authentication cookies in a local JSON file without an explicit warning that these are sensitive credentials and may grant account access if stolen. Persisting session cookies in plaintext creates a local secret-exposure risk from other processes, backups, logs, or accidental file sharing.

Missing User Warnings

Medium, 93% confidence
Finding
The script persists active authentication cookies (kbzw__user_login and kbzw__Session) to a local JSON file in plain text, which creates a credential-at-rest exposure. Any local user, malware, backup system, or accidentally shared repository/workspace that can read that file may reuse the session to access the associated Jisilu account until the session expires or is revoked.

Ssd 3

High, 99% confidence
Finding
The skill explicitly asks the user to provide login cookies, saves them locally, and reuses them for authenticated requests. Session cookies are bearer credentials; anyone obtaining them may impersonate the user, access account-scoped data, or maintain unauthorized access until the session is revoked or expires.

VirusTotal

66/66 vendors flagged this skill as clean.
