ClawHub

Edison Agent Reach

Security checks across malware telemetry and agentic risk

Overview

This is a broad web-automation skill that is mostly purpose-aligned, but it needs review because it can handle account cookies, publish to platforms, fetch mutable setup instructions, and use anti-bot bypass tooling.

Install only if you trust the publisher and need broad web automation. Use isolated browser profiles or test accounts, avoid providing valuable account cookies, review the remote install guide and helper code before setup, avoid anti-bot bypass workflows unless authorized, and require explicit confirmation before any post, comment, publish, or account-changing action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs use of tooling to bypass WeChat anti-bot protections, which goes beyond ordinary content retrieval and encourages evasion of platform safeguards. In an agent context, this can lead to automated access that violates platform restrictions, increases account or IP blocking risk, and normalizes anti-detection behavior without user consent or compliance checks.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list contains broad phrases such as generic search and help requests that are likely to match many normal conversations. This increases the chance of unintended activation of a powerful internet-enabled skill, causing unexpected browsing, external requests, or platform interaction when the user did not intend to invoke it.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises posting, commenting, and interacting on external platforms but does not include a clear warning that these actions can make live external changes. In an agent setting, that omission can cause accidental publication or modification of third-party accounts and content without sufficient user awareness.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Telling users to provide cookies for channel setup without a strong security warning encourages handling of authentication material as ordinary input. Cookies are sensitive credentials that can enable account takeover or session hijacking if logged, retained, or reused by the agent or connected tools.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The instructions describe anti-bot bypass behavior without warning users about compliance, account suspension, IP blocking, or legal and policy risks. In context, this makes the capability more dangerous because it operationalizes evasive access techniques for routine use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal