Business Opportunity Screenshot

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but its script uses unsafe shell execution and broad browser process control that users should review before installing.

Review before installing. Use only in a controlled workspace, avoid passing arbitrary query or output-name text, and be aware it may kill existing Chromium debugging sessions, open a debuggable local browser, and save screenshots/report files locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The script unconditionally runs `pkill -f "chromium.*remote-debugging"` before launching its own browser, which can terminate unrelated Chromium instances across the system that happen to match the pattern. In a shared workstation or automation host, this creates a denial-of-service risk and can disrupt other users' sessions or jobs beyond the script's scope.

Vague Triggers

Medium
Confidence: 89%
Finding
The skill defines broad trigger phrases without any scope limits, confirmation requirements, or exclusions, which can cause accidental activation for loosely related requests. Because the skill performs external search, launches Chromium, and captures screenshots, ambiguous invocation increases the chance of unintended browser execution and data capture.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documents launching Chromium in remote-debugging mode and taking full-page screenshots, but does not clearly warn users that page contents may be captured or that a debuggable browser port is exposed. This is risky because remote debugging can expand attack surface locally, and screenshots may unintentionally collect sensitive information visible in the page.

VirusTotal

VirusTotal findings are pending for this skill version.
