ClawHub

Opencli Content Hunter

Security checks across malware telemetry and agentic risk

Overview

This is a coherent content-scraping skill, but it asks users to install external browser tooling and reuse logged-in Chrome sessions across many platforms with insufficient privacy and scope controls.

Review carefully before installing. Use a dedicated Chrome profile or test accounts, choose the smallest platform set needed, avoid sensitive work, finance, education, private-message, or personal accounts, install the CLI and extension only from sources you trust, and disable or remove the extension when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs users to install a developer-mode Chrome extension and reuse existing browser login state across many third-party platforms. That materially expands the trust boundary: a content-fetching skill gains indirect access to authenticated sessions, potentially exposing private account data, subscription content, or actions available through the extension/browser bridge. In this context, the risk is elevated because the skill targets numerous consumer platforms and normalizes persistent login reuse as part of routine operation.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough to match common user requests like '搜AI' or '抓热门,' which can cause unintended invocation of a high-capability skill. In this skill, accidental activation is more dangerous because the documented workflow can lead to installation guidance, broad platform enumeration, and possible authenticated scraping across many services.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The manifest says the skill must trigger whenever users mention broad phrases related to cross-platform search or hotspots, without sufficient constraint. That creates a prompt-routing risk where ordinary conversation can invoke a capability that encourages tooling setup, platform selection, and potentially authenticated data access, increasing the chance of unintended or overbroad execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal