ClawHub

cliany-site

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed browser automation skill, but it gives agents broad control over logged-in web sessions and generated commands without enough confirmation boundaries.

Install only if you intend to let an agent automate websites through Chrome. Use test or low-privilege accounts first, avoid sensitive pages unless you trust the configured LLM provider with page structure and text, review generated adapters before running them, and clear saved sessions when they are no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README explicitly encourages automated login and workflow exploration on websites but provides no safety guidance for handling credentials, authenticated sessions, cookies, or sensitive page content. In a tool that captures browser accessibility state and persists sessions, this omission can lead users or downstream agents to expose secrets, retain authenticated state insecurely, or automate actions on sensitive accounts without understanding the privacy implications.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill includes broad trigger phrases such as general references to web automation, CDP, and browser CLI usage, which can cause over-eager autonomous invocation by an agent. In this skill's context that is more dangerous than usual because invocation may lead to browser control, login/session handling, LLM transmission of page structure, and generation/execution of site-specific adapters.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal