ClawHub

opencli

Security checks across malware telemetry and agentic risk

Overview

This skill is a broad browser and website automation helper that is mostly purpose-aligned, but it gives agents access to logged-in browser sessions and automatic tool installation without enough user control.

Install only if you trust the separate opencli executable and understand how it uses Chrome sessions. Use a separate low-risk browser profile, disable or require approval for automatic installs, and require explicit confirmation before logged-in commands, screenshots, form entry, clicks, chained operations, or anything that could change account or local data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger description is extremely broad, covering generic requests about websites, browser automation, scraping, Chrome control, and even any mention of opencli commands. In an agent-routing context, this can cause the skill to activate for ordinary browsing tasks and silently expand the agent's capabilities into website interaction, scraping, or authenticated actions, increasing the chance of unintended data access or risky automation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly states that missing external CLIs may be installed automatically, but it does not require user consent, describe what will be installed, or warn that the system may be modified. This creates a supply-chain and system-integrity risk because invoking the skill for a seemingly harmless task could trigger unreviewed package installation or environment changes.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal