ClawHub

Web Automation Suite

Security checks across malware telemetry and agentic risk

Overview

This web automation skill appears broadly useful, but it includes under-scoped browser automation guidance involving bot-detection reduction and reusable login session files.

Review this skill carefully before installing. Use it only for websites and accounts you are authorized to automate, avoid stealth or bot-detection bypass settings, and treat any storageState or cookie/session file it creates like a password: keep it out of version control, restrict access, and delete it when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly recommends using `--disable-blink-features=AutomationControlled` to reduce bot detection, which is anti-detection guidance unrelated to ordinary benign browser automation. In a web automation skill that already supports scraping, bulk posting, form submission, and scheduled execution, this lowers friction for bypassing site defenses and increases abuse potential.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger scenarios are very broad, covering scraping, form filling, bulk posting, monitoring, and scheduled execution without clear guardrails or intended boundaries. This creates an over-scoped skill that may be invoked for sensitive or risky web actions in contexts where more narrowly scoped, policy-constrained tooling would be safer.

Vague Triggers

Low
Confidence
72% confidence
Finding
Claiming to handle 'all web automation needs' makes the skill's scope ambiguous and encourages use across a wide range of potentially sensitive workflows. In combination with powerful browser control features, this lack of specificity weakens safe routing and increases the chance of inappropriate activation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs users to save and reload browser `storageState` to a local file without warning that it can contain authenticated cookies, tokens, and other session artifacts. If that file is exposed, reused improperly, or committed to source control, an attacker may hijack active sessions or access protected accounts.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal