ClawHub

Capture Website

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward website screenshot helper with disclosed local saving and sharing behavior, but users should avoid capturing sensitive pages unless they intend to share them.

Install the npm CLI only if you trust that package, prefer a pinned version when possible, capture only URLs you intend to turn into shareable images, review screenshots before sending them through Discord or Feishu, and change or clean up the output path if local retention is not desired.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description is overly broad: it says to use the skill when a user wants screenshots of any URL and to send them via external messaging platforms. Broad activation criteria can cause the agent to invoke the skill for ordinary browsing or screenshot-related requests without clearly confirming user intent, increasing the chance of capturing and exfiltrating sensitive content. The explicit mention of Discord/Feishu also raises privacy risk because data may be transmitted off-platform.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The instruction to take screenshots of any website is ambiguous about scope and lacks guardrails around what sites may be captured. In an agent context, this can lead to screenshots of authenticated pages, internal dashboards, or sensitive personal content if the agent applies the skill too broadly. Because screenshotting turns page contents into a transferable artifact, the ambiguity materially increases privacy and data handling risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The description states that screenshots may be sent via Discord/Feishu but provides no warning that captured data could leave the local environment and be disclosed to third-party services. This omission is dangerous because users may not realize that page contents, including potentially sensitive information, are being forwarded externally. Lack of disclosure undermines informed consent and increases the risk of accidental data leakage.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow instructs the agent to save screenshots locally and then send them externally, but it does not warn about local artifact retention or third-party sharing. This creates a clear data handling vulnerability: sensitive screenshots may persist on disk and be transmitted off-system without the user's explicit awareness. The risk is elevated by the fixed workspace path, which may make artifact accumulation predictable.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal