Ask Search

Security checks across malware telemetry and agentic risk

Overview

The skill appears search-focused, but its documentation gives under-scoped guidance for proxy-based scraping and logged-in browsing that users should review before installing.

Install only if you intend to use advanced web-fetching techniques and can supervise them. Keep the skill to normal search where possible; do not route traffic through a residential machine, reuse logged-in browser sessions, expose cookies, or automate scraping unless you have authorization, understand the privacy impact, and use an isolated environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The README for a search-only skill includes operational guidance for scraping third-party sites via SOCKS proxies, headless browsers, archive caches, and multi-node fetching. While not executable code in itself, this meaningfully expands the skill's effective use case into network tunneling and anti-bot evasion, increasing the likelihood that an agent or user will perform higher-risk external actions beyond simple search.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation recommends proxying requests through a residential machine, using Playwright for JS-heavy sites, and leveraging login/browser sessions, but does not give strong warnings about privacy exposure, credential leakage, systemd persistence, or the risks of routing agent traffic through trusted home infrastructure. In an agent context, this can normalize unsafe operational patterns that may expose user identity, accounts, or internal systems.

VirusTotal

64/64 vendors flagged this skill as clean.
