Manga Scraper

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about scraping MangaBat, but its package does not include the script it tells users to find and run, making execution provenance unclear.

Review before installing. The main concern is not evidence of hidden malware, but that the skill tells agents to find and run a scraper script that is not included in this package. Only run a script whose exact source you trust, avoid broad batch downloads unless you have rights and site permission, and expect outbound requests, local image files, and optional Playwright/Chromium installation if you proceed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger description is broad enough to activate on generic user requests about downloading or scraping manga, which can cause the skill to run in situations where the user did not explicitly consent to this specific tool's behavior. In this skill's context, that is more dangerous because the tool is designed to bypass site protections and perform network retrievals, so accidental invocation could initiate potentially policy-sensitive scraping activity.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill description does not clearly disclose that it writes files to disk and may automatically launch a headless browser for fallback network retrieval. This lack of transparency can mislead users about the extent of local system changes and outbound activity, which is especially concerning here because the skill targets direct CDN access and fallback scraping behavior that may surprise users or violate expectations.

VirusTotal

64/64 vendors flagged this skill as clean.
