ClawHub

QQ Music Browser Control

Security checks across malware telemetry and agentic risk

Overview

This QQ Music control skill is disclosed and purpose-aligned, though it uses powerful local browser automation that can affect a logged-in QQ Music account and save screenshots when asked.

Install only if you are comfortable letting an agent control a QQ Music tab through a local DevTools connection. Use a dedicated browser profile for QQ Music, avoid running the tabs diagnostic in a browser with private tabs open, and treat screenshot paths as local file writes that may contain visible account or listening information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill includes a screenshot capture feature that writes arbitrary image data from the controlled browser tab to a local file, which is outside the core music-control scope described in the metadata. Even though the code restricts screenshots to QQ Music tabs, this still introduces an unnecessary data-capture and filesystem-write capability that could expose account details, playlists, recommendations, or other on-screen personal information.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
A screenshot-and-save capability is not necessary for normal QQ Music playback control, so it materially expands the skill's privileges beyond expected user intent. This kind of scope creep is dangerous because users may invoke a music-control skill without realizing it can capture visual contents of an authenticated browser session and persist them on disk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The code saves screenshots directly to disk without any warning, confirmation, or disclosure at the time of execution. Silent persistence of captured browser content increases privacy risk because sensitive information visible in the QQ Music session may be stored locally in a way the user does not expect or notice.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal