ClawHub
Back to skill

Security audit

Bright Data

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Bright Data connector that lists read-only account and dataset actions, with no artifact evidence of hidden exfiltration or destructive behavior.

Install this if you want Codex to query Bright Data through your OOMOL-connected account. Be aware it depends on your OOMOL session and Bright Data connection, and only approve any future tagged write or destructive action after checking the exact target and payload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest and description frame the skill as intended for searching and reading data, but the body explicitly permits any Bright Data action, including write or destructive operations. This mismatch can cause downstream agents or users to invoke the skill under a false read-only assumption, increasing the chance of unintended state-changing operations.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The later documentation expands the operational scope from read/search behavior to possible write and destructive actions, directly conflicting with the advertised skill purpose. In an agentic environment, this kind of scope drift is dangerous because policy or orchestration layers may trust the top-level description and approve execution paths that are broader than expected.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The instruction to use this skill for ANY Bright Data request is overly broad and may cause accidental invocation for tasks that do not need this capability or that require stricter review. Because the skill can reach a connected external account and the documentation contemplates state-changing actions, overbroad routing increases the likelihood of unintended data access or unsafe operations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal