ClawHub
Back to skill

Security audit

Cctv News Fetcher Hardened

Security checks across malware telemetry and agentic risk

Overview

This CCTV news skill mostly matches its purpose, but needs review because its crawler can follow unvalidated links from remote pages and sends a bundled cookie header during normal requests.

Review before installing. Use it only if you are comfortable with a local script making web requests based on CCTV/CNTV pages. Safer hardening would remove the static cookie, restrict follow-up requests to explicit CCTV hosts over HTTPS, add request limits/timeouts, and log or skip rejected links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The crawler follows URLs parsed from remote page content without verifying that they belong to the expected CCTV domains or even use safe schemes. If the upstream page is compromised or malformed, this can turn the skill into an unintended outbound fetcher, enabling SSRF-like behavior, internal network probing in some deployments, or access to non-CCTV content outside the stated purpose.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
This path also fetches follow-up links taken directly from remote HTML with no domain or scheme restriction. In an agent/runtime context, that expands network reach beyond the declared CCTV-news task and could be abused if the source page or link targets are attacker-controlled.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The recent-news flow repeats the same unsafe pattern of blindly following links from parsed markup. Because this is a network-capable skill, unconstrained secondary requests make the skill more dangerous than a simple scraper and can expose the execution environment to unintended destinations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal