ClawHub

Web Crawling API

Security checks across malware telemetry and agentic risk

Overview

This web-crawling skill appears purpose-aligned, but it gives agents broad URL-fetching capability through a third-party service without clear user-facing scope or privacy warnings.

Install only if you are comfortable with agents sending requested URLs to Just Serp for crawling. Avoid submitting private intranet links, localhost/cloud metadata addresses, unreleased content, or URLs containing tokens or personal data; prefer explicit confirmation before each external fetch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill exposes generic web-crawling endpoints that accept arbitrary user-supplied URLs, but the manifest provides no scope restrictions, allowlists, or exclusion guidance. In an agent setting, this can enable misuse such as fetching attacker-chosen destinations, accessing sensitive internal endpoints if downstream systems permit it, or collecting content from sites the user did not realize would be queried via a third party.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill sends user-provided URLs to an external service, but the manifest does not clearly warn that these URLs and associated retrieval activity are shared with a third-party API provider. This creates a privacy and data-governance risk because users may submit sensitive, internal, or pre-release links without understanding that the data is leaving the local agent environment.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill exposes endpoints that accept arbitrary user-supplied URLs and send them to the external Just Serp service, but the documentation does not warn users that requested targets and any embedded query data will be transmitted off-platform. This can lead to unintended disclosure of sensitive internal URLs, tokens in URLs, or confidential browsing targets, especially if an agent is allowed to crawl user-provided links without clear consent or validation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal