ClawHub

智能网页爬虫

Security checks across malware telemetry and agentic risk

Overview

This is a real web-scraping skill, but it needs review because it runs browser automation against arbitrary sites with Chromium sandboxing disabled and includes a vulnerable spreadsheet dependency.

Install only after reviewing the npm dependency set. Run it in an isolated environment such as a container or VM, remove or explicitly opt into Chromium --no-sandbox behavior, and scrape only sites where you have authorization while storing exported data carefully.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises exporting scraped data to JSON/CSV/Excel and writing directly to MySQL/MongoDB, but it does not warn users that running the skill can create local files or persist collected content into databases. This can lead to unintended storage of sensitive, copyrighted, or regulated data, and increases the chance of accidental data retention or overwrite in environments where users assume the tool is read-only.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes automated web requests, random delays, User-Agent rotation, proxy support, and anti-bot adaptation without a clear warning about network activity, privacy implications, or legal/terms-of-service risks. In context, these features materially increase abuse potential because they facilitate large-scale scraping and evasion behavior that could be used against third-party sites without user awareness or authorization.

Known Vulnerable Dependency: xlsx==0.18.5 — 2 advisory(ies): CVE-2023-30533 (Prototype Pollution in sheetJS); CVE-2024-22363 (SheetJS Regular Expression Denial of Service (ReDoS))

High
Category
Supply Chain
Confidence
99% confidence
Finding
xlsx==0.18.5

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal