ClawHub

搜索并播放电影,支持按类型/年份/评分筛选,中英文输入,生成 iframe 播放页面

Security checks across malware telemetry and agentic risk

Overview

This skill can search movies, but it also directs the agent to use unvetted free-streaming sites and create local pages that embed arbitrary third-party playback content.

Install only if you are comfortable with the agent searching unofficial streaming sites and creating local HTML pages that load third-party iframe content. Review every playback URL before opening generated files, avoid entering personal information in embedded pages, and prefer a revised version that uses licensed providers, URL/domain allowlists, iframe sandboxing, HTML escaping, and explicit confirmation before file creation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill explicitly directs the agent to find free third-party streaming sources such as `2embed`, `vidcloud`, and `soap2day`, which are unrelated to legitimate metadata lookup and commonly associated with piracy and untrusted content delivery. This exposes users to copyright-risky services and potentially malicious pages, trackers, deceptive ads, or hostile embeds.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The generated HTML embeds an arbitrary third-party iframe URL directly into a local page and encourages the user to open it in a browser. Rendering untrusted iframe content from loosely selected domains can expose the user to malicious scripts, phishing, browser exploit chains, tracking, and other unsafe web content under the guise of local playback.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The installation guide says the skill should auto-activate for common phrases like '我想看一部科幻电影' or 'show me latest action movies', which are broad natural-language requests likely to appear in ordinary conversation. This can cause unintended invocation of a skill that performs web searches and may generate playable output pages, increasing the chance of unexpected actions or confusing context switches.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill description advertises generating a playable HTML page for direct viewing, but the install documentation does not warn users that local files may be created or rendered. In a skill that surfaces movie content and iframe playback pages, silent local output generation can surprise users, obscure provenance of rendered content, and increase exposure to unsafe or untrusted embedded sources.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases are broad and overlap with ordinary movie-related conversation, increasing the chance the skill activates in contexts where a user only wanted recommendations or discussion. Because this skill can escalate to file creation and untrusted iframe playback, overbroad triggering makes the unsafe behavior more likely to occur without clear intent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill states that it will write a local HTML file and return the path, but it does not prominently warn the user in advance that a persistent file will be created as part of normal use. Hidden or poorly disclosed file creation undermines user consent and can leave unexpected artifacts on disk, especially when the file contains embedded third-party content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal