Back to skill

Security audit

Scrapling Web Scraping

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed web-scraping guidance skill with dual-use anti-bot features, but no evidence of hidden execution, exfiltration, or unrelated local access.

Use this only for sites you own, are authorized to test, or are explicitly allowed to scrape. Be especially careful with stealth, Cloudflare-solving, proxy, login-session, and large-crawl features, and keep scraped outputs, checkpoints, downloads, and cookies in a dedicated workspace. Review any copied cleanup command before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill provides explicit stealth scraping guidance, including TLS impersonation, proxy rotation, and automatic Cloudflare/Turnstile solving, but does not pair these capabilities with strong warnings or hard limits around legal, compliance, and abuse risks. In context, this makes the skill more dangerous because its primary subject is web scraping and anti-bot evasion, so the documented patterns directly enable circumvention of site protections rather than merely describing theory.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The file documents browser-based and stealth scraping features, including Cloudflare bypass, without any accompanying guidance on authorization, privacy, or compliance with site terms. In a skill specifically designed to enable MCP-driven scraping, this omission lowers friction for misuse and can facilitate unauthorized collection or evasion of access controls.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The recipe explicitly includes `shutil.rmtree("./crawl_checkpoint")` as a reset step without any warning, confirmation, or safer alternative. In a guidance document for an agent skill, users may copy this directly, causing irreversible local data loss if the path is mistyped, reused, or points to valuable crawl state.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
# To reset and start fresh:
import shutil
shutil.rmtree("./crawl_checkpoint")
spider.start()
```
Confidence
97% confidence
Finding
shutil.rmtree("./

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.