ClawHub

110 Deep Research Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed web-research helper whose network fetching and local report saving match its stated purpose, with privacy and persistence caveats.

Install this only if you want the agent to perform internet research, fetch external pages, and save research reports locally. Avoid confidential topics unless you are comfortable with queries and URLs going to third-party services and with generated reports remaining on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The README presents invocation examples like general-purpose research requests without clearly bounding when the skill should be used, so it can be triggered by ordinary user prompts that overlap with normal assistant behavior. In an agent environment, this broad activation increases the chance of unnecessary web access, external data transmission, and autonomous report generation when the user did not explicitly consent to tool use.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The feature description advertises web search, full-page fetching, and saving to file, but it does not warn users that prompts or derived queries may be sent to external services and that outputs may be written to local storage. This lack of disclosure can cause unintended data exposure or filesystem side effects, especially if users include sensitive topics, internal names, or proprietary information in research requests.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The skill activates on very generic requests to 'research' a topic, which can cause it to trigger on ordinary information-seeking prompts without clear user intent to invoke a web-searching, file-writing workflow. In a skill that performs external lookups, fetches arbitrary URLs, and saves reports to disk, overly broad activation increases the chance of unintended tool use and expands exposure to untrusted content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill directs the agent to create directories and save reports under ~/clawd/research/[slug]/report.md without requiring a user-facing notice or confirmation. Silent file creation can surprise users, leak sensitive research topics into persistent storage, and create opportunities for unwanted accumulation of data on disk.

External Script Fetching

High
Category
Supply Chain
Content
For the most promising URLs, fetch full content:

```bash
curl -sL "<url>" | python3 -c "
import sys, re
html = sys.stdin.read()
# Strip tags, get text
Confidence
95% confidence
Finding
curl -sL "<url>" | python

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal