Scrapeless Webunlocker Skill

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it provides broad website bypass and scraping power with weak safety scoping and sends user-supplied request details to a third-party service.

Install only if you intentionally need Scrapeless for authorized scraping. Do not pass cookies, authorization headers, session tokens, private URLs, personal data, or confidential POST bodies unless you have approved sharing them with Scrapeless. Use strict target scoping, avoid PUT/DELETE unless absolutely required, monitor Scrapeless billing, and consider pinning dependencies before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (10)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly promotes bypassing website blocks, CAPTCHA solving, IP rotation, and large-scale scraping/data collection, but provides no warning about legality, privacy, authorization, or third-party data transmission to the Scrapeless service. In this context, the omission is security-relevant because the skill is designed to access protected sites and send fetched content through a remote API, increasing the risk of misuse, policy violations, and unintentional exposure of sensitive data.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The usage examples demonstrate potentially sensitive operations—POSTing arbitrary bodies, adding custom headers, using proxies, taking screenshots, and capturing network activity—without any warning that these actions can transmit secrets, session tokens, personal data, or internal content to external systems. Because this skill is specifically positioned to defeat anti-bot protections and render protected pages, the absence of operational safety guidance makes misuse and accidental data leakage more likely.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill is built around sending target URLs, headers, request data, and retrieved page content to a third-party scraping service, but the description does not clearly warn about this external data sharing. Users may unknowingly transmit sensitive URLs, credentials in headers, personal data, or proprietary content to an external processor.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The network-capture mode can expose full request metadata, potentially including URLs with tokens, headers, cookies, authorization data, and other sensitive identifiers. Without an explicit warning, users may enable this mode and then store, display, or forward highly sensitive network traces unintentionally.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This tool sends user-provided URLs, headers, request bodies, and optional proxy/rendering configuration to an external service (api.scrapeless.com). In a security-sensitive agent context, that creates a real data disclosure risk because secrets in headers, cookies, POST bodies, internal URLs, or target metadata may be exfiltrated to a third party without an explicit warning, consent gate, or input restrictions.

External Transmission

Medium
Category
Data Exfiltration
Content
js_render=js_render
            )
            
            response = requests.post(
                f"{self.api_base_url}{self.endpoint}",
                headers=self.headers,
                json=payload,
Confidence
89% confidence
Finding
requests.post( f"{self.api_base_url}{self.endpoint}", headers=self.headers, json=

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
python-dotenv
Confidence
97% confidence
Finding
requests

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
python-dotenv
Confidence
95% confidence
Finding
python-dotenv

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
92% confidence
Finding
requests

Known Vulnerable Dependency: python-dotenv — 1 advisory(ies): CVE-2026-28684 (python-dotenv: Symlink following in set_key allows arbitrary file overwrite via )

Low
Category
Supply Chain
Confidence
69% confidence
Finding
python-dotenv

VirusTotal

64/64 vendors flagged this skill as clean.
