Multi Engine Search for Agent

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Novada web search and URL extraction skill, with expected API-key and network use, but users should avoid sensitive queries or private URLs.

Install only if you are comfortable using a Novada API key and sending search terms, URLs, and selected research-result URLs to Novada. Avoid secrets, internal-only links, authenticated pages, regulated data, and proprietary identifiers. Do not blindly execute action-links output; review any printed shell command before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Severity: Medium
Confidence: 82%
Finding:
The documentation describes the tool as 'read-only' while also offering an `action-links` format that emits shell `open` commands for automation. Even if the commands are only printed, agents or users may execute them blindly, which creates a command-generation surface and weakens the read-only safety claim.

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding:
The skill exposes an `action-links` mode that emits shell commands such as `open "<url>"` for URLs derived from search results. In an agent setting, downstream systems may execute generated commands automatically or present them as trusted actions, creating a command/action injection and unsafe tool-use surface not necessary for a search API.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The skill is a search/external-fetch tool that sends user queries to `scraperapi.novada.com`, but the documentation does not clearly warn that prompts, search terms, and possibly result-related metadata are shared with a third-party service. In agent settings, users may submit sensitive internal terms or identifiers, so lack of disclosure can lead to unintended data exposure.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
Extract mode submits arbitrary URLs to an external service and may cause fetched page content to be processed remotely, yet the documentation omits an explicit warning about that data flow. This is especially sensitive because extracted pages may contain private documents, authenticated resources, or proprietary content that users do not realize is leaving their environment.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The skill exposes web search, URL extraction, and research tools that necessarily transmit user-provided queries and URLs to an external service, but the tool descriptions do not clearly warn users or calling agents about that data flow. In an agent setting, this can cause sensitive prompts, internal URLs, or confidential research targets to be sent off-platform without informed consent, increasing privacy and data-handling risk.

VirusTotal

61/61 vendors flagged this skill as clean.
