ClawHub

Website Screenshot (By ScreenshotOne)

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward guide for taking screenshots through ScreenshotOne, with expected external API use and local output files but some privacy cautions users should keep in mind.

Install this only if you intend to use ScreenshotOne as an external screenshot service. Avoid submitting private internal URLs, session cookies, authorization headers, personal data, or confidential pages unless you explicitly want that context sent to ScreenshotOne, and use safe output filenames because screenshots may contain sensitive page content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill directs users to send both a target URL and an access key to a third-party screenshot service, but it provides no warning about privacy, data handling, or the fact that the external service will fetch and process the supplied URL. This can expose sensitive internal URLs, authenticated targets, or confidential page contents if users apply the pattern to non-public resources.

Missing User Warnings

Low
Confidence
75% confidence
Finding
The example writes API output directly to a local filename with --output but does not warn that files will be created or overwritten in the current working directory. While this is not a remote compromise vector by itself, it can cause accidental data loss or confusion in automation and agent-driven environments.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The manifest enables implicit invocation with no stated trigger constraints, so the skill can be activated more broadly than necessary. Because this skill performs outbound screenshot capture of arbitrary websites via curl, overly broad activation increases the chance of unintended use, prompt-driven misuse, or invocation in contexts where external network actions were not explicitly requested.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The reference documents sensitive options such as `authorization`, `cookies`, `headers`, proxy settings, geolocation, and storage/upload parameters without warning that these can expose secrets, session tokens, private browsing context, or cause captured data to be uploaded to external storage. In an agent skill that encourages direct `curl` usage, this increases the chance users will pass live credentials or session cookies into requests and mishandle returned data or stored artifacts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal