browser-use AI Browser Automation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser-automation guide, but it normalizes giving an AI live browser, account, cloud-session, shopping, email, and form-submission authority without enough user-control safeguards.

Install only if you are comfortable with an agent controlling a browser that may access logged-in accounts. Use a dedicated browser profile, avoid syncing primary account sessions to the cloud, inspect remote shell scripts before running them, and require manual approval before purchases, messages, uploads, applications, or other account-changing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases are extremely broad and map to common user intents like filling forms, shopping, browser control, installation, and API key setup. In an agent ecosystem, this can cause the skill to activate unexpectedly for sensitive workflows, leading to browser automation being applied without deliberate user choice or appropriate safeguards.

Missing User Warnings

High
Confidence: 95%
Finding
The skill advertises high-impact capabilities such as form filling, shopping, and integrations with third-party services, but it does not pair them with clear safety guidance about privacy, financial risk, account misuse, or unintended submissions. In this context, omission of warnings is dangerous because the skill is designed to let an AI act directly on live websites and user accounts.

Missing User Warnings

High
Confidence: 97%
Finding
The examples include logging into Gmail and sending mail, filling job applications, uploading resumes, and shopping, all of which can expose sensitive data or cause irreversible account actions. Because these examples normalize autonomous execution without explicit confirmation, review, or least-privilege guidance, they increase the chance of unsafe real-world use.

VirusTotal

53/53 vendors flagged this skill as clean.
