ClawHub

Beatport Download via Browser Tool

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Beatport downloader, but it needs review because it can handle credentials, session cookies, internal tokens, browser downloads, and bulk account actions with weak scoping.

Install only if you are comfortable giving the skill control of a Beatport-authenticated browser session. Use a dedicated browser profile with no unrelated logged-in accounts, confirm the exact tracks and download folder before running bulk actions, and avoid exposing or logging cookies, access tokens, or passwords.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is described as downloading previously purchased tracks, but the documented key URLs and purposes explicitly include cart and checkout pages, which expands the operational scope into purchasing workflows. That increases the chance an agent may navigate into payment-related actions or expose sensitive billing context beyond the user's intended request.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill goes beyond browser-assisted downloading and documents direct extraction of access tokens, build IDs, cookies, and internal JSON endpoints. This creates a credential/token handling risk and enables scraping or reuse of authenticated session material outside the stated workflow, expanding abuse potential if the skill or logs are compromised.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger phrases are broad enough to match common requests about downloading music or tracks, which can cause the skill to activate in contexts where the user did not specifically request Beatport credential use or local file saving. Because this skill handles authentication and downloads files, overbroad triggering raises the risk of unintended execution on sensitive accounts.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill handles Beatport credentials, authenticated browser sessions, and local file downloads, but the description does not clearly warn about these sensitive operations. Without explicit disclosure and consent expectations, users may not understand that passwords, cookies, downloaded archives, and extracted media will be processed and stored locally.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This helper exposes a generic CDP cookie-extraction primitive using Network.getAllCookies, which can retrieve authentication cookies from the automated browser session. In the context of a skill that logs into Beatport and handles authenticated downloads, this materially increases risk because any downstream caller can harvest session cookies and potentially replay or exfiltrate them, leading to account takeover or unauthorized access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal