deep-research-pro

Security checks across malware telemetry and agentic risk

Overview

This is a coherent research skill that clearly centers on web search, page scraping, citation synthesis, and saving reports, but users should understand its third-party API and local file-output behavior.

Install only if you are comfortable giving the agent a SkillBoss API key and sending research queries, URLs, and selected page-fetch requests to SkillBoss. Avoid confidential, regulated, secret, or internal-only topics unless that data flow is acceptable, and review any separately downloaded scripts/research tool before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium (90% confidence)
The README tells users to 'just ask your agent to research something' and gives broad example prompts, but it does not define clear activation boundaries, consent expectations, or limits on what the skill may search, fetch, and save. In an agent environment, vague invocation guidance can cause unintended autonomous web access, scraping, and processing of sensitive user-provided topics, increasing the chance of overreach or misuse.

Missing User Warnings

Medium (94% confidence)
The README advertises web search, full-page scraping, and saving results to files, but provides no privacy, data-handling, or third-party disclosure warnings. Users may unknowingly send sensitive topics or URLs to an external API provider and persist potentially sensitive outputs locally, which creates confidentiality and compliance risks.

Vague Triggers

Medium (84% confidence)
The skill is written to activate for essentially any request that looks like 'research on any topic,' which can cause it to run in situations where the user did not clearly consent to external searches, scraping, or file writes. In a skill that transmits prompts/URLs to a third-party API and saves reports locally, broad activation increases the chance of unintended data exposure and side effects.

Missing User Warnings

Medium (94% confidence)
The skill advertises web search and page scraping of user-provided topics/URLs via an external service but does not prominently warn that user inputs and selected URLs will be transmitted to a third-party provider. This can lead to unintentional disclosure of sensitive queries, internal URLs, or proprietary research topics.

Missing User Warnings

Low (79% confidence)
The skill instructs saving generated reports to a local path without clearly warning the user that files will be created on disk. Unexpected local writes can expose sensitive research results to other local users/processes or leave persistent artifacts the user did not intend to store.

VirusTotal

66/66 vendors flagged this skill as clean.
