ClawHub

Tabstack Extractor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Tabstack web-extraction helper, but users should be careful with the external API data flow, API key handling, and the optional curl-to-bash installer.

Use this for public or approved web pages only. Prefer installing Babashka through Homebrew, Nix, or an inspected pinned release instead of piping a remote script into bash; store the Tabstack API key securely; and avoid submitting private intranet URLs, pages containing secrets, or regulated data unless Tabstack processing is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The reference documents broader capabilities such as automation and research that exceed the stated extraction-focused purpose of the skill. This expands the apparent operational scope and can mislead users or downstream agents into invoking higher-risk remote actions that were not clearly disclosed or constrained.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases are broad enough to overlap with many ordinary requests about summarizing pages, extracting articles, or collecting web content. That increases the chance of unintended invocation, which is risky here because the skill sends URLs and page content to a third-party API and may run shell-based tooling.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The description says the skill extracts website data using the Tabstack API, but it does not clearly warn that target URLs and extracted webpage content will be transmitted to an external third-party service. This omission can lead to privacy, confidentiality, and compliance issues if users provide sensitive internal URLs or pages containing non-public data.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document instructs use of bearer-token-authenticated requests to an external service and describes remote URL fetching, but does not warn that user-supplied URLs and potentially sensitive page contents will be transmitted off-platform. This creates privacy, data handling, and credential exposure risks because users may not realize their inputs are being sent to a third party.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Automation and research capabilities imply potentially impactful remote actions and broader data collection, yet the reference provides no warning about privacy implications, unintended interactions with third-party sites, or the possibility of processing sensitive information. In the context of an extraction skill, undocumented action-oriented capabilities materially increase risk because users may assume the tool is read-only.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal