EASY_CRAWL4AI

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward webpage-to-Markdown crawler skill with disclosed setup and expected network/browser use.

Install only if you are comfortable adding Crawl4AI and Playwright Chromium locally. Use it for public or explicitly authorized URLs, avoid localhost/internal/private or logged-in pages, and choose output filenames deliberately.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger is overly broad: generic requests like 'summarize content', 'extract data', or 'analyze a webpage' can cause the agent to invoke this skill for many ordinary prompts without clearly signaling that it will fetch external URLs. That increases the chance of unintended network access, retrieval from attacker-controlled sites, and misuse in contexts where the user did not explicitly consent to web fetching.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill does not warn that it performs external network retrieval against user-provided URLs, yet its commands directly invoke a crawler and browser runtime. This is dangerous because users or higher-level agents may unknowingly trigger outbound requests to arbitrary destinations, creating SSRF-like risk, privacy leakage, internal network probing, or contact with malicious content.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal