Bing Webmaster Ronnie

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Bing Webmaster Tools helper that uses a Bing API key to submit URLs and fetch SEO reports, with no evidence of hidden or unrelated behavior.

Install only if you intend to connect an agent to your Bing Webmaster account. Use a scoped Bing API key where possible, prefer BING_WEBMASTER_API_KEY over command-line key arguments, submit only URLs for sites you control, and be cautious before enabling scheduled reports or sending SEO data to webhooks or client channels.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill clearly requires environment access, reads local files for URL input, and communicates with the external Bing Webmaster API, yet it declares no explicit permissions. This creates a transparency and policy-enforcement gap: users or orchestration systems may invoke the skill without realizing it can access secrets, local file contents, and transmit data off-platform.

Vague Triggers

Medium
Confidence: 87%
Finding:
The statement that the skill 'will automatically activate once the environment variable is set' is too broad because it ties activation only to the presence of a secret, not to a narrow user intent or domain constraint. This can cause the agent to invoke a network-capable skill opportunistically in contexts where the user did not clearly consent to external transmission or SEO operations.

Missing User Warnings

Medium
Confidence: 92%
Finding:
Although the skill says it connects to Bing Webmaster Tools, it does not prominently warn that site URLs, crawl data, search queries, impressions, clicks, and rankings may be sent to or retrieved from an external third-party API. This omission undermines informed consent and increases the risk of unintentional disclosure of potentially sensitive client SEO and site-performance data.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The script places the Bing Webmaster API key in the URL query string when building the request endpoint. Query-string credentials are often exposed through process listings, shell history, proxy logs, browser/debug tooling, and upstream server logs, so the secret may be disclosed even though the request uses HTTPS.

VirusTotal

65/65 vendors flagged this skill as clean.
