Scrapeless Pro Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real scraping tool, but it combines stealth anti-bot automation with weak usage boundaries and prints the full license key to logs.

Install only if you need authorized scraping and can control where it runs. Restrict use to sites you own or have permission to scrape, avoid sensitive or authenticated pages, and do not run the validate command until the license-key logging is fixed or you are sure stdout is not captured.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding:
The skill reads a secret from an environment variable and uses it in a CLI feature unrelated to core scraping. In this context, the presence of a separate license-validation path increases the chance that a secret is exposed through logs, subprocess output, terminal history capture, or orchestration layers that collect stdout/stderr.

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The validate command prints the full SCRAPELESS_LICENSE_KEY to stdout, which is a direct secret disclosure. In agent and automation environments, stdout is commonly captured in logs, traces, chat transcripts, or monitoring systems, making credential leakage highly likely and unrelated to the skill's stated scraping purpose.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The skill prominently markets stealth automation, fingerprint masking, and anti-bot bypass without any warning about legal, policy, privacy, or abuse implications. In this context, the omission matters because the core advertised capability is specifically designed to evade detection, which increases the likelihood of misuse against websites that prohibit scraping or deploy anti-abuse controls.

VirusTotal

66/66 vendors flagged this skill as clean.