ClawHub

Docker Xunler Downloader

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it connects to a Docker Xunlei service to view tasks and submit magnet downloads, but users should verify the target host before using it.

Before installing or running it, edit or replace config.json and confirm the Xunlei host is yours. Use submit commands only for content you are allowed to download, since they can consume network bandwidth and storage and will reveal the magnet link and file list to the configured Xunlei service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README instructs users to configure and operate a remote Xunlei service and submit magnet links, but it does not clearly warn that these commands trigger real network interactions, enqueue downloads on another system, and may consume bandwidth, storage, or expose the user to legal/policy issues depending on content. In an agent skill context, missing disclosure about external side effects increases the risk of unsafe or unintended execution, especially if an agent invokes commands without the user understanding that they affect a live download environment.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The skill submits user-provided magnet links and derived file metadata to an external Xunlei service, but this file provides no explicit consent flow, warning, or privacy notice before transmission. Magnet links and torrent file listings can reveal user interests or sensitive content, so silent forwarding to a remote service creates a real privacy and data-disclosure risk even if it is functionally required for the skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal