ClawHub

SEO优化检查器

Security checks across malware telemetry and agentic risk

Overview

This SEO checker is mostly purpose-aligned, but its optional AI mode can send fetched page text to OpenAI without a prominent privacy warning.

Install only if you are comfortable with a URL scanner making outbound requests. Use the basic non-AI mode for sensitive sites. Do not enable --ai on internal, authenticated, confidential, client-owned, or regulated pages unless you have approval to send page content to OpenAI or the configured model provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation advertises capabilities that require network access, environment variable access, and local file writing, but no permissions are declared. This creates a transparency and consent problem: users and platforms cannot accurately assess that the skill may read API keys, fetch arbitrary URLs, and write reports to disk before use.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The skill description understates behavior that includes optional transmission of webpage content to an external AI service, multi-URL analysis, and writing reports to local files. This mismatch can mislead users about data handling and system effects, especially when analyzing internal URLs or sensitive pages whose contents may be sent off-platform.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The README documents an AI mode that requires an OpenAI API key and implies sending analyzed page content to an external model service, but this capability is not clearly justified by the skill description. This creates a real data-handling and transparency risk because users may enable AI mode without understanding that website content they inspect could be transmitted to a third party.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The optional AI feature transmits scraped page content to a third-party API, which exceeds the core behavior implied by the skill description of local SEO checks. This creates a data exposure risk for internal, private, or authenticated pages a user may analyze, especially because the disclosure is not prominent in the main skill description.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README fails to warn users that enabling AI mode may send the analyzed website’s contents to an external AI service. This is dangerous because users may process internal, staging, client, or otherwise sensitive pages under the assumption that the tool performs only local SEO checks, causing unintended third-party disclosure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The AI analysis path extracts up to 5000 characters of page text and sends it to an external API without an explicit runtime warning about data transmission. If users analyze sensitive or non-public URLs, this can leak confidential business content, personal data, or proprietary text to a third party.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal