ClawHub

Web Scraper

Security checks across malware telemetry and agentic risk

Overview

This is a functional web-scraping skill, but it gives under-scoped guidance for bypassing site defenses and handling login/session cookies.

Install only for scraping public or clearly authorized sites. Avoid using the cookie/login, CAPTCHA-solving, proxy-rotation, and webdriver-bypass sections unless you have explicit permission and a controlled use case; prefer official APIs and review or pin Python dependencies before running the Selenium tooling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The file explicitly provides instructions for authenticating to a site and exporting or saving session cookies, despite later stating to never scrape login-protected content. That contradiction materially enables access to authenticated content and can facilitate unauthorized scraping, credential misuse, or exfiltration of private data.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
This documentation goes beyond normal scraping by explicitly recommending CAPTCHA-solving services and browser fingerprint spoofing to evade anti-bot protections. In the context of an agent skill, this materially enables circumvention of website access controls and can facilitate unauthorized data extraction at scale.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill description is broadly worded and may cause the agent to invoke this skill for many generic web-data tasks, including contexts where scraping is inappropriate or restricted. In a skill that includes anti-blocking and proxy guidance, over-broad activation increases the chance of misuse or policy bypass.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The overview repeats expansive activation guidance without concrete scope limits, which can normalize use of the skill outside safe or intended contexts. Because the skill also discusses anti-blocking techniques, ambiguous routing makes unsafe application more likely.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file documents stealth scraping tactics, proxy rotation, CAPTCHA handling, and fingerprint spoofing without any warning about legal, privacy, account, or terms-of-service implications. That omission makes misuse more likely by normalizing anti-detection evasion as standard practice for the skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal