Selenium Automation Skill

Security checks across malware telemetry and agentic risk

Overview

This Selenium automation skill does what it claims, but it handles form submission and work-record changes with too little control and may expose sensitive form data in logs or screenshots.

Review the scripts before installing or using this on real accounts. Avoid passing passwords or private form values through command-line arguments, add confirmation before any submit action, disable default screenshots, and avoid loading arbitrary sites with the browser sandbox disabled.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (4)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill describes automation for form submission, scraping, file writes, proxy use, cookie management, and JavaScript execution, but it provides no safety guidance about acting on third-party websites or modifying local data. This can lead an agent or user to perform unintended external actions such as submitting forms, violating site usage expectations, storing sensitive scraped data locally, or interacting with authenticated sessions without adequate confirmation.

Missing User Warnings

High
Confidence: 99%
Finding
The script logs raw field values during form filling, including potentially sensitive inputs such as passwords, email addresses, phone numbers, and messages. If logs are stored, forwarded, or viewed by other users or systems, this can expose credentials and personal data, creating immediate confidentiality risk.

Missing User Warnings

Medium
Confidence: 87%
Finding
The script submits forms automatically by default once fields are filled, which can trigger real-world actions such as account creation, data transmission, purchases, or message sending. In an automation context this may be intended behavior, but doing it without an explicit confirmation step or safer default increases the risk of accidental or unauthorized impactful actions.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script automatically saves screenshots of the visited task page and filled form, which may contain sensitive task data, user identifiers, comments, internal URLs, or session-visible content. Because screenshots are taken even without the optional screenshot flag, data may be written to disk unexpectedly and later exposed through local access, logs, artifact collection, or CI workspace retention.

VirusTotal

58/58 vendors flagged this skill as clean.
