Smart Web Monitor (智能网页监控)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent web-monitoring skill, but users should avoid pointing its LLM mode at sensitive or private pages.

Install only if you want the agent to fetch monitored pages and, in LLM mode, place extracted page text into the agent's reasoning context. Use it for public or low-sensitivity pages, review any cron job before enabling it, and avoid private dashboards, authenticated pages, secrets, personal data, or proprietary content unless you are comfortable with that text being processed and possibly retained in local reports or agent logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 82%
Finding
The trigger list is broad and includes generic phrases like 'check for changes', 'watch page', and 'web monitor', which can cause unintended invocation in unrelated conversations. Unintended activation matters here because the skill can fetch remote content, create persistent cron jobs, and change monitor state, increasing the chance of surprise side effects or data exposure.

Missing User Warnings

Medium
Confidence: 95%
Finding
The LLM-monitoring flow states that page text is fetched and then evaluated by an agent, but it lacks a clear warning that fetched page content may be sent to an LLM for processing. This is a privacy and data-handling risk because monitored pages may contain sensitive, personal, or proprietary content, and users are not clearly informed before that content is exposed to a model-based evaluation pipeline.

VirusTotal

64/64 vendors flagged this skill as clean.
