ClawHub

Design.md Extractor

Security checks across malware telemetry and agentic risk

Overview

This skill locally extracts design tokens from a user-provided page, with privacy caveats around analyzing sensitive pages.

Install only if you are comfortable letting the skill inspect the visible page you provide. Avoid running it on sensitive logged-in dashboards, customer data, internal tools, or pages with secrets unless local design.md and snapshot files may safely contain page metadata, CSS identifiers, and short visible text evidence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The analyzer captures visible text snippets from arbitrary page elements and, for anchors, records full href destinations. For a tool whose stated purpose is design-token extraction, this exceeds the minimally necessary data and can unintentionally collect sensitive or proprietary content from authenticated pages, internal apps, or pages containing user data.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code collects page title, full URL, hostname, favicon URL, visible text, IDs, class names, and link destinations from whatever page the user opens, but there is no evident in-code guardrail, minimization, or disclosure tied to that collection. In the skill context, the tool is expected to inspect webpages locally for design extraction, which makes some DOM/style access expected, but the breadth of captured metadata increases privacy and data-exposure risk, especially on private or authenticated pages.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal