ClawHub

Bounty Hunter Pro

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate-looking bug-bounty scanning skill, but it needs review because it can drive live and recurring scans with weak scope controls.

Review before installing or using. Only run it on programs where you have explicit authorization, replace the sample authorization check with strict hostname and subdomain-boundary validation, verify any external scanner binaries yourself, avoid sending raw secrets to cloud models or shared alert channels unless approved, and do not enable the cron schedule unless recurring scans are intentional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The documented authorization check is flawed because `target.endswith(auth)` will treat unrelated domains like `badexample.com` as authorized when `example.com` is on the allowlist. In a skill explicitly designed for autonomous vulnerability scanning, this creates a real scope-bypass that can lead to unauthorized scanning of third-party infrastructure.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The invocation text is broad enough that an agent could start an active bounty scan from a simple prompt without strong confirmation, exclusions, or a mandatory preflight step. Because this skill performs network enumeration and vulnerability scanning, ambiguous triggering increases the chance of unintended or unauthorized execution.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill advertises autonomous scanning, analysis, and report generation but does not prominently warn that it will perform live network activity and write artifacts to disk. In a security-scanning context, lack of explicit operational disclosure is dangerous because users or agents may trigger intrusive actions and persistent storage without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal