Business API Recorder

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate browser API recording skill, but it captures complete authenticated web traffic without enough scoping or sensitive-data safeguards.

Install only for systems you are explicitly authorized to inspect. Use an isolated browser profile or test account, avoid production or regulated data when possible, clear logs after use, and redact cookies, authorization headers, tokens, personal data, and business secrets before saving or sharing generated logs or AI reconstruction documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding
The README explicitly promotes intercepting full browser request/response traffic and exporting complete logs, but it does not warn that these logs may contain authentication tokens, session cookies, PII, business secrets, or regulated data. In the context of a browser-monitoring skill, omission of data-handling and redaction guidance materially increases the chance of sensitive-data capture and unsafe storage.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The skill explicitly promotes recording complete API requests and responses from internal business systems, which commonly contain credentials, session tokens, personal data, and other confidential business information. Because the description includes no warning, scoping guidance, redaction requirements, or authorization constraints, it materially increases the risk of over-collection and unsafe handling of sensitive internal data.

Missing User Warnings

Severity: High
Confidence: 97%
Finding
The script monkey-patches fetch and XMLHttpRequest to capture full request and response metadata, including headers, request bodies, and response bodies, then stores them in a globally accessible in-page object. In typical web contexts this can collect session tokens, API keys, personal data, and sensitive business data without consent or minimization, creating a strong risk of privacy violation and credential exposure.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The helper functions expose the entire captured network log through window-accessible globals, making any sensitive data already collected easier to retrieve by other scripts, browser extensions, or interactive users in the page context (for example via the devtools console). This significantly lowers the barrier to exfiltration because secrets and payloads are centralized and discoverable under predictable names.
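The third and fourth findings describe the same mechanism: a monkey-patched fetch that captures full headers and bodies and parks the log on a window global. The block below is an added example, not the skill's own code, showing what that recorder looks like once the safeguards the findings and the Overview ask for are applied: requests are recorded only for allowlisted origins, credential-bearing headers and secret-looking JSON fields are redacted before anything is stored, bodies are capped in size, and the log lives in a closure rather than on window. The names createRecorder, buildEntry and the offline fakeFetch stand-in are assumptions made for this illustration; in a browser, install() would be called with window and the real fetch.

```javascript
// Added example, not the skill's own code: a fetch monkey-patch of the kind the
// findings describe, with the missing safeguards applied. createRecorder,
// buildEntry and the offline fakeFetch backend are assumptions made here.
const SENSITIVE_HEADERS = new Set(['authorization', 'proxy-authorization', 'cookie',
  'set-cookie', 'x-api-key', 'x-csrf-token']);
const SENSITIVE_KEY = /(token|secret|password|passwd|session|api[_-]?key|cookie)/i;
const clip = (s, max) => (s.length > max ? s.slice(0, max) + '...[truncated]' : s);

// Accepts a Headers object, a Map or a plain object; returns a lowercase-keyed
// plain object with credential-bearing headers replaced.
function redactHeaders(headers) {
  const pairs = headers && typeof headers.entries === 'function'
    ? Array.from(headers.entries()) : Object.entries(headers || {});
  const out = {};
  for (const [name, value] of pairs) {
    const key = String(name).toLowerCase();
    out[key] = SENSITIVE_HEADERS.has(key) ? '[REDACTED]' : String(value);
  }
  return out;
}

// JSON bodies get secret-looking keys scrubbed recursively; anything else is
// kept only up to maxBytes so a large payload is never captured wholesale.
function redactBody(body, maxBytes) {
  if (body == null) return null;
  const scrub = (v) => {
    if (Array.isArray(v)) return v.map(scrub);
    if (v && typeof v === 'object') {
      return Object.fromEntries(Object.entries(v).map(
        ([k, val]) => [k, SENSITIVE_KEY.test(k) ? '[REDACTED]' : scrub(val)]));
    }
    return v;
  };
  const text = String(body);
  try { return clip(JSON.stringify(scrub(JSON.parse(text))), maxBytes); }
  catch (e) { return clip(text, maxBytes); }   // not JSON: truncate only
}

// One sanitised log entry; pure, so it can be checked without a network.
function buildEntry(r, maxBodyBytes) {
  return {
    method: (r.method || 'GET').toUpperCase(), url: r.url, status: r.status,
    requestHeaders: redactHeaders(r.requestHeaders),
    requestBody: redactBody(r.requestBody, maxBodyBytes),
    responseHeaders: redactHeaders(r.responseHeaders),
    responseBody: redactBody(r.responseBody, maxBodyBytes),
  };
}

function createRecorder({ allowedOrigins, maxBodyBytes = 4096 }) {
  const allowed = new Set(allowedOrigins);
  const entries = [];  // closure-private: nothing is hung on window/globalThis
  const base = typeof location !== 'undefined' ? location.href : undefined; // resolves relative URLs in a browser
  async function recordingFetch(originalFetch, input, init = {}) {
    const url = typeof input === 'string' ? input : input.url;
    const response = await originalFetch(input, init);
    // Scoping: requests outside the authorised origins pass through unrecorded.
    if (!allowed.has(new URL(url, base).origin)) return response;
    const responseBody = await response.clone().text();  // clone: the page still gets its body
    entries.push(buildEntry({
      method: init.method, url, status: response.status,
      requestHeaders: init.headers, requestBody: init.body,
      responseHeaders: response.headers, responseBody,
    }, maxBodyBytes));
    return response;
  }
  return {
    // Patch fetch on target (window in a browser) and return an uninstall function.
    install(target) {
      const original = target.fetch;
      target.fetch = (input, init) => recordingFetch(original, input, init);
      return () => { target.fetch = original; };
    },
    export: () => entries.map((e) => JSON.parse(JSON.stringify(e))),
    clear: () => { entries.length = 0; },
  };
}

// Constructed offline stand-in for fetch: the response carries a session cookie
// and a token, as internal business APIs commonly do.
function fakeFetch() {
  const body = JSON.stringify({ user: 'alice', session_token: 'tok-999', balance: 42 });
  const headers = new Map([['content-type', 'application/json'], ['set-cookie', 'sid=abc123; HttpOnly']]);
  const resp = { status: 200, headers, clone: () => resp, text: async () => body };
  return Promise.resolve(resp);
}

async function demo() {
  const target = { fetch: fakeFetch };  // stands in for window
  const recorder = createRecorder({ allowedOrigins: ['https://api.internal.example'] });
  const uninstall = recorder.install(target);
  await target.fetch('https://api.internal.example/v1/account', {
    method: 'POST',
    headers: { Authorization: 'Bearer secret-jwt', 'Content-Type': 'application/json' },
    body: JSON.stringify({ password: 'hunter2', query: 'balance' }),
  });
  await target.fetch('https://tracker.example/collect', { headers: { Cookie: 'a=b' } }); // out of scope
  uninstall();
  return recorder.export();
}

demo().then((log) => console.log(JSON.stringify(log, null, 2)));
```

Running the demo yields a single entry for the in-scope request, with the Authorization header, the Set-Cookie response header, the password field of the request body and the session_token field of the response body all replaced by `[REDACTED]`; the out-of-scope tracker request is passed through and never stored. Note that the key-name regex is a heuristic: a secret stored under an innocuous field name still gets through, so the Overview's advice to use an isolated profile or test account and to review logs before sharing them still applies. XMLHttpRequest would need the same treatment (wrapping open/send and the load event) to close the second capture path the finding names.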

VirusTotal

63/63 vendors flagged this skill as clean.
