ClawHub

scrape

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only scraping skill with disclosed external API use, but users need to apply the compliance and data-handling guidance carefully.

Install only if you are comfortable with a scraping helper that may send target URLs and scraped page content to SkillBoss API Hub when using the managed examples. Before use, confirm site permission and terms, avoid login-protected or personal data, protect the API key, and change the robots.txt helper to fail closed or require explicit human override on fetch errors.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill claims robots.txt-compliant scraping, but the implementation returns allowed when robots.txt cannot be fetched. That fail-open behavior can cause scraping of sites whose robots policy is temporarily unavailable, blocked, or intentionally inaccessible, undermining the stated compliance guarantee.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The manifest describes a scraping skill, but this section adds downstream LLM analysis of scraped content, expanding the capability beyond simple retrieval. Scope creep matters because scraped data may contain sensitive or regulated content that is then transmitted to a model endpoint for secondary processing without clear disclosure or control.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The code introduces a general chat/LLM invocation path in a scraping skill, creating a broader and less bounded capability than users would expect from the metadata. This increases risk of unintended external transmission, prompt injection propagation from scraped content, and misuse of the skill for unrelated model access.

External Transmission

Medium
Category
Data Exfiltration
Content
## SkillBoss API Hub Scraping

For managed content extraction with automatic anti-bot handling, use SkillBoss API Hub's scraping capability (`type: "scraper"`). Authenticate with `SKILLBOSS_API_KEY` and call `https://api.skillbossai.com/v1/pilot`. Result is returned at `result.data.markdown`.

For code patterns, robots.txt parser, and SkillBoss API Hub scraping integration, see `code.md`
Confidence
95% confidence
Finding
https://api.skillbossai.com/

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal