ClawHub

Web Crawling Rendered Html API

Security checks across malware telemetry and agentic risk

Overview

This is a focused Just Serp web-crawling API wrapper, with expected privacy risks around sending URLs and returned HTML to an external service.

Install only if you are comfortable sending target URLs to Just Serp API and receiving raw rendered HTML in the chat or tool output. Do not use it for private dashboards, authenticated pages, localhost/internal services, cloud metadata endpoints, confidential documents, or URLs containing tokens unless you have explicit authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly supports fetching full rendered HTML from arbitrary user-supplied URLs, but it does not warn users that responses may contain sensitive page content, private data, or authenticated-session material if used against internal or logged-in pages. Because the skill also instructs returning raw JSON after a summary, it increases the chance that sensitive scraped content is echoed back into chat or logs without appropriate caution.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill forwards a user-supplied target URL together with the caller's API key to a third-party service, which creates a real data-disclosure and trust-boundary issue. Even though this is the intended purpose of a web-crawling interface, the code provides no warning, allowlist, or validation to help users understand that arbitrary URLs they supply will be fetched by an external provider and may expose sensitive internal endpoints, tokens embedded in URLs, or private targets to that provider.

Vague Triggers

Low
Confidence
85% confidence
Finding
The skill exposes a general-purpose web-crawling capability with only a user-provided URL and no documented restrictions on allowed targets, schemes, or use conditions. In an agent setting, this can enable unintended access to arbitrary external or internal endpoints, creating SSRF-style abuse, unauthorized probing, or data collection beyond the user's expected scope.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The manifest does not disclose that user-supplied URLs are transmitted to a third-party crawling service, which can expose sensitive URLs, query strings, tokens, or internal resource identifiers to an external processor. This lack of transparency increases privacy and data-handling risk, especially if agents pass user-provided or contextual URLs without adequate warning or consent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal