ClawHub

Sb

Security checks across malware telemetry and agentic risk

Overview

This browser automation skill is not malicious, but it should be reviewed because it can use remote browser sessions and persistent login profiles without enough safety boundaries.

Review before installing. Use local mode for sensitive sites unless you explicitly trust the remote browser provider, avoid reusing personal logged-in profiles, prefer dedicated low-privilege accounts, and confirm what `browser` CLI or external tool actually supplies these commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill advertises profile creation and connection for persistent sessions but does not warn that profiles may retain authenticated cookies, tokens, and other login state. This can lead users to reuse sensitive sessions without understanding the privacy and account-takeover risks, especially in shared or cloud-backed automation environments.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill promotes automatic cloud selection and Browserbase-based remote sessions without disclosing that browsing content, credentials entered during automation, screenshots, and session metadata may be handled by a third-party remote service. Users may unknowingly expose sensitive data to external infrastructure, making this omission materially risky in a browser automation skill.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The description 'Ultimate browser framework combining best of top-rated skills' is overly broad and does not clearly limit the situations in which the skill should be invoked. In an agentic system, vague routing metadata can cause the skill to be selected for tasks beyond its safe or intended scope, increasing the chance of inappropriate browser actions, over-permissioned use, or unsafe interaction with untrusted content.

VirusTotal

No VirusTotal findings

View on VirusTotal