ClawHub

Data Intelligence

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate data-collection skill, but it needs review because it combines scraping, API tokens, retained browser sessions, local exports, and an unverified remote installer without enough safety boundaries.

Review the PinchTab installer before running it and prefer a verified or pinned installation method. Use a least-privilege Apify token, keep it out of shared folders and commits, rotate it if exposed, and use a dedicated browser profile or test account for PinchTab. Confirm each scraping target, platform terms, rate limits, data fields, storage location, and retention period before collecting or exporting data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The skill states users should not collect personal privacy data, but earlier sections explicitly recommend extracting emails, phone numbers, and social-media contact information. This contradiction can mislead users into collecting personal data without proper legal basis, consent checks, minimization, or retention controls.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README promotes cloud scraping and local browser automation workflows but does not warn users about legal, privacy, credential, or system-impact implications. In a skill specifically designed for data collection across many platforms, omission of safety guidance increases the chance of misuse, over-collection, or unintended access to sensitive data.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The installation instructions tell users to fetch and execute a remote shell script directly with bash, without any integrity verification or warning. This creates a straightforward supply-chain risk: if the remote host, script, TLS path, or distribution channel is compromised, arbitrary code will run immediately on the user's machine.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documented export workflows write scraped results directly to local CSV/JSON files, including business contact and social-media data, without any warning about sensitivity, access control, or retention. That increases the risk of accidental disclosure, insecure sharing, or long-term storage of regulated or sensitive data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to place the APIFY token in a plaintext .env file and repeatedly load it into shell commands, but provides no warning about secret exposure through filesystem access, shell history, backups, or accidental commits. This is a real credential-handling weakness even if the token is meant for legitimate API use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal