Scrapling Safe

Security checks across malware telemetry and agentic risk

Overview

This is a web-scraping skill with disclosed scraping features, but its “safe/public-only” claims are not technically enforced and it can fetch arbitrary URLs using stealth and browser modes.

Install only if you need authorized web scraping and can control where the agent sends requests. Treat the public-only and robots.txt statements as usage guidance, not enforced safeguards. Avoid stealth or Cloudflare-solving modes unless you have explicit permission, and consider running this in a network-restricted environment if internal services or credentials are reachable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The module documentation claims the tool only accesses public websites, but the implementation accepts arbitrary user-supplied URLs and performs outbound requests with multiple fetcher backends, including browser-based modes. In an agent or hosted environment, this can enable SSRF-style access to internal services, metadata endpoints, localhost, or otherwise non-public network resources, making the mismatch a real security issue rather than a documentation-only defect.

VirusTotal

65/65 vendors flagged this skill as clean.
