ClawHub

Agent Reach.Bak

Security checks across malware telemetry and agentic risk

Overview

This is a broad web and social-platform skill that is mostly disclosed, but it gives agents cookie-based account access and posting-capable commands without enough safeguards.

Review carefully before installing. Use secondary accounts or read-only workflows where possible, do not share main-account cookies casually, inspect the remote install guide before running it, and require an explicit preview and confirmation before any post, comment, upload, or account-changing action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list includes very broad phrases such as 'research', 'find information', 'search online', and common Chinese equivalents, which can cause the skill to activate for routine requests that do not require this powerful network-enabled tool. In a skill that can access many external platforms and potentially perform authenticated actions, over-triggering increases the chance of unintended data access, web requests, and unsafe tool use.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs use of cookies for authenticated access ('Use Cookie-Editor to import cookies') without warning that cookies are highly sensitive session credentials equivalent to being logged in. This can lead users or agents to handle, store, or transmit account tokens insecurely, enabling account takeover or privacy compromise if exposed.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill states 'User only provides cookies. Everything else is your job,' effectively directing the agent to perform setup and authenticated actions using user session material without guardrails. In context, the skill also supports publishing and interacting on platforms, so this creates a real risk of unauthorized posting, account changes, or mishandling of sensitive session data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal