捷帮SEO分析 (Jiebang SEO Analysis)

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it sends user-supplied URLs to a third-party service using an admin-labeled credential without clearly disclosing that trust boundary.

Review before installing. Use it only for public URLs you are comfortable sending to jiebang.site, and avoid internal, private, authenticated, or token-containing URLs. The publisher should replace the admin-labeled key with a narrowly scoped read-only token and disclose the third-party URL processing clearly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding:
The skill retrieves an admin-scoped credential from an environment variable and uses it for routine SEO-analysis requests. For a tool whose stated purpose is fetching metadata and running SEO checks on arbitrary user-supplied URLs, using a privileged admin key is excessive and violates least privilege; if the remote service is abused, misconfigured, logged, or compromised, the key could enable broader administrative actions beyond this feature.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding:
The trigger description is broad enough to overlap with ordinary discussion about SEO, metadata, or website optimization, which can cause the skill to activate when the user did not intend to invoke external analysis. In this skill's context, accidental activation is more concerning because it may lead to unsolicited network access against a provided or inferred URL.

Missing User Warnings

Severity: Low
Confidence: 91%
Finding:
The skill documentation does not clearly tell users that it will access external webpages and retrieve page content from the supplied URL. This weakens informed consent and can surprise users, especially if sensitive internal, staging, or private URLs are provided for analysis.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The skill sends a user-provided URL to an external service together with privileged authentication headers, without any disclosure or consent mechanism. This creates a data-handling and trust-boundary issue: user inputs may contain sensitive internal URLs or tokens, and the server receives them in an authenticated context that could amplify misuse, logging exposure, or backend SSRF-style processing risks on the remote side.

VirusTotal

VirusTotal findings are pending for this skill version.