ClawHub

wos-crawler

Security checks across malware telemetry and agentic risk

Overview

This skill describes a high-impact WOS crawling and bulk PDF downloading workflow, but it lacks the referenced executable code and under-discloses cookie persistence and external download behavior.

Review carefully before installing. Do not enter WOS or institutional credentials or run referenced scripts unless the publisher provides the full source and clear controls for cookie storage, deletion, crawl limits, output paths, and which external PDF services are contacted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are broad enough to match common academic-assistance requests, which can cause the agent to invoke a high-risk skill in situations where the user did not explicitly ask for crawling or bulk PDF acquisition. In this skill's context, that is more dangerous because it includes automated scraping, file writing, cookie persistence, and access to questionable download sources such as Sci-Hub, increasing the chance of unintended policy, legal, or privacy violations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that WOS login cookies are automatically saved for reuse, but does not present this as a prominent user warning or require explicit consent. Persistent authentication cookies can expose institutional or personal account access if stored insecurely, reused by other local processes, or left behind on shared systems.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The workflow automatically uploads Excel input and writes downloaded PDFs to disk without clearly warning the user in the description. In context this is a real but lower-severity issue: silent filesystem writes can expose sensitive research topics, bibliographies, or downloaded documents on shared devices or in monitored directories.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal