ClawHub
Back to skill

Security audit

Data Scraper

Security checks across malware telemetry and agentic risk

Overview

This scraping skill is not clearly malicious, but it needs review because it can fetch arbitrary sites while disabling TLS verification and gives weak boundaries for authenticated scraping.

Install only if you are comfortable reviewing and controlling each scrape target yourself. Avoid using it with credentials, private sessions, or sensitive accounts unless the TLS behavior and credential handling are fixed, and write outputs only to locations where scraped data can be protected or deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The description is broad enough to match many generic data-collection tasks, which can cause the skill to be invoked in situations beyond the user's likely intent. In a scraping skill, over-broad routing is more dangerous because the skill can make network requests and collect external content, potentially including data from sensitive or restricted sources.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation explicitly supports login-based scraping but does not provide safeguards for credential handling, session storage, or secret exposure. This is dangerous because users may pass credentials insecurely via CLI arguments, logs, config files, or output artifacts, leading to account compromise or leakage of authenticated session data.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The code explicitly disables TLS certificate validation by setting `check_hostname = False` and `verify_mode = ssl.CERT_NONE` before fetching arbitrary user-supplied URLs. This enables man-in-the-middle interception and content tampering, so scraped data can be silently altered or requests redirected without detection.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal