ClawHub

browser Devtools Inspector

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser debugging skill, but its captured DevTools output should be treated as sensitive.

Install only if you need browser DevTools-style diagnostics. Prefer local or trusted development URLs, avoid hostile or sensitive internal sites, and treat saved JSON captures as sensitive because they may include internal URLs, response headers, stack traces, or tokens embedded in URLs. Redact captures before sharing or committing them, and run the scripts in an isolated environment when testing untrusted pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This skill instructs users to capture browser console and network traffic but does not warn that those artifacts can contain sensitive information such as auth tokens, cookies-derived headers, personal data in API payloads, internal URLs, and stack traces. Because the skill is explicitly aimed at real browser debugging and even mentions production use, omission of a privacy/data-handling warning can lead to accidental collection and broader exposure of sensitive diagnostics.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The examples encourage redirecting production diagnostic captures to local files without any guidance on secure storage, retention, or redaction. Network and console captures from production can include sensitive request/response metadata and error details, so saving them to files increases the risk of accidental disclosure through local filesystem exposure, commits, uploads, or reuse in other tools.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The script drives a headless browser to an arbitrary user-supplied URL, causing outbound requests and execution of page content in Chromium. In an agent or automation context, this can be abused for SSRF-style access to internal services, network probing, or unintentional collection of sensitive resource metadata from pages the operator did not realize would be fetched.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script captures and outputs full request URLs and complete response headers to JSON, which can expose sensitive information such as query-string tokens, session identifiers, internal endpoints, or security-related headers. In a network-capture utility this behavior is functional, but without redaction, consent prompts, or clear warnings it creates a real risk of accidental data leakage when run against authenticated or internal applications.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script accepts an arbitrary URL from the command line and automatically drives a headless browser to visit it, causing an outbound network request without any confirmation, allowlist, or warning about the privacy and network exposure implications. In an agent or automation context, this can be abused for unintended SSRF-style access to internal services, local admin panels, or sensitive intranet hosts reachable from the runtime environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal