WebsitePublisher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed WebsitePublisher.ai integration that lets an agent publish website content using the user’s configured project token.

Install this only for a WebsitePublisher.ai project you are comfortable letting an agent modify. Use a dedicated or scoped token if available, review page/form/data changes before live publication, and do not store secrets or sensitive personal data in public pages or MAPI records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The README explicitly states the agent will publish websites to a live URL, but it does not clearly warn users that content, forms, and configuration may become publicly accessible and externally reachable. In a conversational agent context, this omission can lead to accidental exposure of sensitive business information, unfinished content, or unsafe form configurations because users may not realize the action has real public deployment consequences.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill explicitly instructs the agent to build and publish websites to a live URL, but it does not require an explicit user confirmation before creating, modifying, or deploying production content. In an agent setting, this can lead to unintended live changes, defacement, or overwriting existing pages if a user request is ambiguous or maliciously framed.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill configures contact forms and documents that MAPI records are publicly readable, but it provides no privacy or data-handling warning about exposing submitted personal data or publishing structured records publicly. This increases the risk of accidental disclosure of PII, sensitive business data, or regulatory noncompliance when users assume form data or records are private by default.
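The second and third findings describe the same gap from two sides: nothing forces a review step before content goes live, and nothing checks what is about to go live for secrets, personal data, or publicly readable form records. The block below is an added example of a pre-publish gate an operator could put between the agent and the publish call. It is not code from the WebsitePublisher.ai skill or project; the `Page` structure, the form dictionary shape, the sample pages and the detection patterns are all assumptions made for illustration, and the patterns are deliberately simple rather than exhaustive. The one design point worth copying is that the user's confirmation is bound to a digest of the exact change set they reviewed, so an edit the agent makes after approval (whether by mistake or under an injected instruction) invalidates the approval instead of riding on it.

```python
import hashlib
import json
import re
from dataclasses import dataclass, field

# Narrow secret patterns: any hit is a hard stop, never just a warning.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "assigned_secret": re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token|password)\s*[:=]\s*\S{12,}"),
}
# Broad PII patterns: a hit is a warning the user must acknowledge, because a
# contact address on a public page is often intended.
PII_PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "phone": re.compile(r"(?<![\w+])\+?\d(?:[\d\s().-]{7,}\d)\b"),
}
# Form fields that should never be collected into a publicly readable record.
SENSITIVE_FIELDS = {"ssn", "dob", "date_of_birth", "passport", "card_number", "iban"}


@dataclass
class Page:
    """Assumed shape of one page in the change set (not the real MAPI schema)."""
    path: str
    body: str
    # Each form: {"name": str, "fields": [str], "submissions_public": bool}
    forms: list = field(default_factory=list)


@dataclass
class GateResult:
    allowed: bool
    digest: str                                   # identifies the reviewed change set
    blockers: list = field(default_factory=list)  # must be removed before publishing
    warnings: list = field(default_factory=list)  # must be shown to and confirmed by the user


def change_set_digest(pages):
    """SHA-256 over a canonical serialisation of everything that would go live."""
    canon = json.dumps(
        [{"path": p.path, "body": p.body, "forms": p.forms} for p in pages],
        sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()


def scan_pages(pages):
    """Return (blockers, warnings) for the content and form configuration."""
    blockers, warnings = [], []
    for page in pages:
        for name, rx in SECRET_PATTERNS.items():
            if rx.search(page.body):
                blockers.append(f"{page.path}: body contains what looks like a {name}")
        for name, rx in PII_PATTERNS.items():
            for m in rx.finditer(page.body):
                warnings.append(f"{page.path}: {name} {m.group(0)!r} becomes publicly readable")
        for form in page.forms:
            if form.get("submissions_public"):
                warnings.append(
                    f"{page.path}: form {form['name']!r} stores submissions in a publicly readable record")
            risky = sorted(f for f in form.get("fields", []) if f.lower() in SENSITIVE_FIELDS)
            if risky:
                warnings.append(f"{page.path}: form {form['name']!r} collects sensitive fields {risky}")
    return blockers, warnings


def publish_gate(pages, confirmed_digest=None):
    """Allow publication only for a secret-free change set the user confirmed by digest.

    The caller shows the warnings to the user and passes back the digest they
    approved; any later change to the pages produces a different digest.
    """
    digest = change_set_digest(pages)
    blockers, warnings = scan_pages(pages)
    warnings.insert(0, f"publishing {len(pages)} page(s) makes them reachable at a public URL")
    if blockers:
        return GateResult(False, digest, blockers, warnings)
    if confirmed_digest != digest:
        warnings.append(f"ask the user to review the warnings above and confirm change set {digest[:12]}")
        return GateResult(False, digest, [], warnings)
    return GateResult(True, digest, [], warnings)


# Constructed sample change set for the example; not real project data.
SAMPLE_PAGES = [
    Page("/index", "Welcome! Reach us at hello@example.com or +1 555 010 0199.",
         [{"name": "contact", "fields": ["name", "email", "message"], "submissions_public": True}]),
    Page("/careers", "Apply below.",
         [{"name": "application", "fields": ["name", "dob", "passport"], "submissions_public": False}]),
    Page("/notes", "staging creds: api_key=sk_test_0123456789abcdef"),
]


if __name__ == "__main__":
    result = publish_gate(SAMPLE_PAGES)
    print("allowed:", result.allowed)
    for line in result.blockers + result.warnings:
        print(" -", line)
```

Run as a script, the sample is refused outright because `/notes` carries an assigned secret; dropping that page and calling `publish_gate` twice, the second time with the digest the first call returned, is the intended two-step flow. A scoped token (as the overview recommends) limits the blast radius if the gate is bypassed; the gate limits what a correctly scoped token can be talked into publishing.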

VirusTotal

66/66 vendors reported this skill as clean.

View on VirusTotal