ClawHub

DomainRank Submit

Security checks across malware telemetry and agentic risk

Overview

This skill transparently helps submit websites to DomainRank.app, but users should review submissions because it sends site details to an external service and can spend DomainRank credits.

Install only if you intend to submit sites to DomainRank.app. Use a dedicated API key if available, verify the website name, URL, price plan, and expected credit cost before each submission, and require explicit confirmation for both single and batch submissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

External Transmission

Medium
Category
Data Exfiltration
Content
## 提交示例

```bash
curl -X POST https://domainrank.app/api/submit-item \
  -H "Authorization: Bearer <YOUR_DOMAINRANK_API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
87% confidence
Finding
curl -X POST https://domainrank.app/api/submit-item \ -H "Authorization: Bearer <YOUR_DOMAINRANK_API_KEY>" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
for site in "Site1|https://site1.com" "Site2|https://site2.com"; do
  name="${site%|*}"
  link="${site#*|}"
  curl -X POST https://domainrank.app/api/submit-item \
    -H "Authorization: Bearer <YOUR_DOMAINRANK_API_KEY>" \
    -H "Content-Type: application/json" \
    -d "{\"name\": \"$name\", \"link\": \"$link\", \"pricePlan\": \"basic\"}"
Confidence
91% confidence
Finding
curl -X POST https://domainrank.app/api/submit-item \ -H "Authorization: Bearer <YOUR_DOMAINRANK_API_KEY>" \ -H "Content-Type: application/json" \ -d

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal