Openrouter Free Helper

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but its automatic Chrome remote-debugging fallback creates enough local attack surface to require user review.

Install only if you are comfortable with it reading your OpenClaw model configuration, contacting OpenRouter, writing a local status file, and sending summaries to Feishu. Prefer API-only or dry-run/no-notify use, verify the Feishu target and cron path, and close any Chrome process started with --remote-debugging-port=9222 when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill declares only allowed tools but does not clearly declare or constrain sensitive capabilities that its documented workflow relies on: network access, shell execution, and file writes to config/data paths. This mismatch can mislead users or automation about the skill's actual trust boundary, causing it to run with broader effective access than expected.

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding: The script starts Chrome with a DevTools remote debugging port and then invokes an external browser automation tool against remote content. Even though the port is checked on 127.0.0.1, exposing a live browser automation interface is broader than needed for model discovery and increases the attack surface on the host, especially on multi-user systems or when other local processes can access the debugger.

VirusTotal

65/65 vendors flagged this skill as clean.
