ClawHub

IndexNow

Security checks across malware telemetry and agentic risk

Overview

This skill is a purpose-aligned IndexNow helper, but users should review URLs and handle the generated key file carefully.

Install only if you want an agent to create or reuse an IndexNow key, write verification files into your project, and submit selected public URLs or sitemap contents to search-engine infrastructure. Review bulk sitemap contents first, avoid internal or staging URLs, and keep .indexnow-key out of version control and shared logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The script accepts an arbitrary user-supplied sitemap URL and fetches it with curl, which expands the capability from IndexNow submission into generic remote retrieval. In an agent context, this can be abused for server-side requests to unexpected internal or sensitive endpoints, especially if the skill runs in a privileged network environment.

Vague Triggers

Medium
Confidence
72% confidence
Finding
The trigger list includes broad phrases such as 'submit url' and 'submit to search engine', which can overlap with ordinary conversation and cause the skill to activate unexpectedly. In this skill, accidental activation is more concerning because activation can lead to shell execution and external network calls against project files or user-provided URLs.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The generated API key is both written to disk in plaintext and echoed directly to the console. This increases the chance of credential exposure through terminal logs, shell history capture, CI logs, screenshots, or permissive file permissions on the key file.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal