ClawHub

HasData

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate web-data skill, but it needs Review because it teaches broad scraping and personal contact enrichment without enough privacy and authorization guardrails.

Install only if you trust HasData and need broad live web-data access. Review the external CLI installer before running it, protect the API key in ~/.hasdata/config.yaml, avoid passing session cookies unless explicitly authorized by the account owner, and do not use the enrichment features for private-person profiling, doxxing, harassment, spam, or other unsolicited targeting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The skill materially expands from generic web-data retrieval into person/company enrichment, email discovery, and reverse-lookup of identities from emails or phone numbers. That creates a privacy-sensitive capability for collecting and correlating personal data beyond the core stated purpose, which can enable doxxing, profiling, or non-consensual surveillance.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to install the dependency by piping a remotely fetched script directly into a shell, without any integrity verification, pinning, or warning about the risks. In an agent skill context, this is more dangerous than ordinary documentation because it normalizes unattended code execution during first use, creating a supply-chain execution path if the upstream script or distribution channel is compromised.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation instructs users to collect emails, phone-based identity matches, and related identity data without clear warnings about privacy, consent, legality, or abuse prevention. In an agent context, this can normalize sensitive-personal-data collection and increase the chance of harmful or policy-violating use.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation explicitly recommends combining business lookup with homepage scraping to extract phone, website, and email contact details, but provides no privacy, consent, or acceptable-use guardrails. In a skill designed for broad web data collection and lead generation, this materially lowers the barrier to bulk harvesting of personal or semi-personal contact data for spam, profiling, or other misuse.

Ssd 3

High
Confidence
91% confidence
Finding
These instructions actively promote enrichment workflows to find a person's employer, role, LinkedIn, followers, emails, and identity from phone/email/domain inputs. That is dangerous because it operationalizes collection and aggregation of sensitive identity/contact data at scale, which could be exploited for phishing, stalking, fraud, or targeted harassment.

Ssd 3

Medium
Confidence
83% confidence
Finding
The CSV lead-enrichment workflow encourages bulk processing of rows to append LinkedIn, role, employer, and email-related data, making mass profiling straightforward. Even when sourced from public pages, at-scale aggregation increases privacy and misuse risk and can facilitate spam, phishing, or unauthorized intelligence gathering.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal