ClawHub

cn-data-scraper

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about being a Chinese-site scraping helper, but it teaches broad anti-bot and login-cookie scraping techniques that users should review carefully before installing.

Install only if you have a legitimate, authorized scraping use case. Do not use it to bypass login walls, collect personal data, evade platform defenses, or scrape copyrighted or gated content without permission. Treat cookies and tokens as sensitive credentials and review the helper script's outbound requests and local output path before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

High
Confidence
95% confidence
Finding
The skill repeatedly frames itself as compliance-oriented, yet its examples instruct users to inject authentication cookies and tokens to access login-gated content and discusses bypassing anti-crawl controls. In practice, this enables circumvention of access restrictions and can facilitate unauthorized collection of protected content, account abuse, or terms-of-service violations.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The example labels the behavior as 'polite' scraping while explicitly recommending randomized delays 'to appear human.' That language and technique encourage stealth and detection evasion rather than transparent, authorized automation, which is risky in a skill already centered on anti-crawl bypass.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The 'Use when' description lacks limiting conditions and effectively invites activation for almost any China-related scraping task, including ones that may be legally or ethically sensitive. Because the skill includes anti-crawl and access-bypass guidance, broad activation materially increases misuse risk.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The 'Use when' description lacks limiting conditions and effectively invites activation for almost any China-related scraping task, including ones that may be legally or ethically sensitive. Because the skill includes anti-crawl and access-bypass guidance, broad activation materially increases misuse risk.

Missing User Warnings

Low
Confidence
76% confidence
Finding
The included shell script writes scraped results to an output file by default without an explicit warning, consent step, or data-handling guidance. While not severe by itself, silent persistence of scraped content can create privacy, retention, and local data exposure issues, especially if the content includes personal or copyrighted material.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The script performs live network scraping and writes results to a local file with no explicit confirmation, destination validation, or warning about these side effects. In agent or automation contexts, this can trigger unintended outbound requests and silently persist scraped data to disk, creating privacy, compliance, and operational risk.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The script references use of login cookies for scraping authenticated platforms without warning about the sensitivity of authentication material or safe handling requirements. In the context of a scraping skill focused on anti-bypass tactics, this increases the chance that operators or downstream agents will pass reusable session cookies insecurely, leading to account compromise or unauthorized data access if those cookies are exposed.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal