Clawhub Publish 146156

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Ziniao Browser automation helper that uses a local bridge and API key, with sensitive browser-control risks that users should understand before installing.

Install only if you intend to let the agent operate Ziniao Browser through the local ZClaw bridge. Treat it like browser remote control: it may see page contents, interact with logged-in sessions, submit form input, run page JavaScript, take screenshots, and save files when directed. Use a least-privilege Ziniao/API key setup and avoid giving it tasks involving sensitive accounts unless you explicitly want that access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly enables browser automation for logins, form filling, cookie/storage control, and data extraction, but it does not warn users that these actions can modify accounts, submit sensitive data, or expose private session state. In an agent context, this omission is risky because an automated system may act on real user sessions or credentials without clear consent boundaries, increasing the chance of privacy loss or unintended account changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal