Audit website for SEO, security, performance and 200+ other issues

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed website audit and remediation helper with meaningful scan and edit capabilities, but no artifact-backed evidence of hidden, deceptive, exfiltrating, or destructive behavior.

Install this only if you want an audit tool that can also help edit local website code/content. Use it on sites you own or are authorized to test, review the audit report first, approve each fix batch explicitly, keep changes on a branch when possible, avoid squirrel init --force unless you intend to overwrite configuration, and be cautious with full live scans on production or third-party sites.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium, 95% confidence
Finding
The skill is advertised as an audit/reporting tool, but these instructions broaden it into making fixes on the target project. That creates a scope mismatch: a user invoking an auditor may unexpectedly grant code/content modification capability, increasing the risk of unintended or overbroad changes beyond simple analysis.

Description-Behavior Mismatch

Medium, 97% confidence
Finding
This workflow turns a read/analyze operation into an iterative loop of proposing, applying, and re-auditing fixes, including content and code edits. That is dangerous because it normalizes autonomous modification of project files under the banner of auditing, which can lead to unauthorized, low-quality, or destructive changes if the skill is invoked in the wrong context.

Context-Inappropriate Capability

Medium, 96% confidence
Finding
The skill grants broad editing/remediation behavior for content and code even though its stated purpose is website auditing. This excess capability violates least privilege and can be exploited to justify widespread file modifications unrelated to generating an audit report.

Missing User Warnings

Medium, 91% confidence
Finding
The skill encourages auditing live websites and describes crawling and external link checking, but it does not prominently warn about privacy, authorization, network egress, or potential impact on third-party systems. This can cause users or agents to scan external targets without clear consent or awareness of the operational and legal implications.

VirusTotal

64/64 vendors flagged this skill as clean.