Firecrawl Local

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local Firecrawl wrapper for scraping and crawling websites, with normal privacy and scope risks for web extraction tools.

Install this only if you intend to use a trusted self-hosted Firecrawl service. Avoid scraping private or sensitive internal URLs unless you have permission, keep crawl limits conservative, and be careful setting FIRECRAWL_LOCAL_URL or FIRECRAWL_API_KEY because those determine where requests and any bearer token are sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 86%
Finding: The skill clearly instructs use of shell commands and references an executable script, but the metadata declares no corresponding permissions. This can mislead users or the host agent about the skill's actual capabilities, weakening consent and policy enforcement around command execution.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding: The trigger language is very broad, including generic phrases like 'scrape this' or 'get content from X', which can cause the skill to activate in ordinary conversation without clear user intent. In this context, unintended invocation can lead to unexpected network access, data transmission to a local service, and shell-script execution.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding: The skill describes web scraping and crawling behavior but does not warn users that requested URLs and retrieved content will be sent to a locally hosted Firecrawl service. This omission matters because scraped pages may include sensitive URLs, private internal docs, or user-provided targets, creating privacy and data-handling risks.

VirusTotal

64/64 vendors rated this skill as clean.