Alibabacloud Iqs Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Alibaba Cloud web-search and page-reading skill, but users should treat searches and URLs as data sent to Alibaba Cloud.

Install only if you are comfortable using Alibaba Cloud IQS for web retrieval. Do not submit secrets, private documents, authenticated links, internal URLs, or regulated data as search queries or page URLs unless you have approval. Use stealth mode only when appropriate for the target site and your policies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 83%
Finding
The skill is positioned as the default tool for a very broad class of tasks ('use this skill FIRST' for current information, fact verification, URL reading, and web-based research) without clear limits or user-consent checkpoints. In an agent setting, this can cause unnecessary transmission of user prompts or URLs to an external provider, increasing privacy and policy risk through over-invocation rather than a direct exploit.

Vague Triggers

Low
Confidence: 74%
Finding
The decision tree reduces routing to a simplistic 'URL means readpage, question means search' rule and lacks scope constraints for sensitive URLs, internal resources, or cases where no external lookup is necessary. This can lead to accidental external access or over-collection, though the issue is primarily one of unsafe operational guidance rather than code execution.

Missing User Warnings

Medium
Confidence: 89%
Finding
The description encourages external search and page retrieval but does not disclose that user queries and URLs are sent to a third-party cloud API. This creates a real privacy and compliance risk because users or downstream agents may unknowingly transmit sensitive prompts, proprietary research topics, or private links to an external service.

Missing User Warnings

Low
Confidence: 77%
Finding
Documenting a stealth mode without a clear warning about what it does can mislead operators into bypassing website bot-detection or access expectations without informed user approval. The risk is mainly policy, legal, and transparency-related rather than a direct compromise of the local system.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script transmits the user-supplied URL and extraction settings to a third-party remote API, which can expose sensitive URLs, query strings, or internal endpoints to the external provider. In a web-reading skill this is expected behavior, but the lack of explicit disclosure or consent makes it a real privacy and data-handling risk, especially if users provide private or internal links.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script sends user-provided search queries, along with identifying request metadata such as a custom User-Agent and source header, to a remote third-party service without any explicit disclosure or consent flow in the tool behavior. Because this skill is specifically positioned for broad web research and fact-finding, users may submit sensitive prompts, making undisclosed transmission a meaningful privacy risk.

VirusTotal

63/63 vendors flagged this skill as clean.
