Bilibili Downloader

Security checks across malware telemetry and agentic risk

Overview

This is a purpose-aligned Bilibili downloader, but users should protect any Bilibili session cookie and choose output paths carefully.

Install only if you intend to download Bilibili content and trust the bilibili-api-python dependency. Treat BILIBILI_SESSDATA like a password: do not paste a real cookie into shared chats, commit it to code, include it in logs, or leave it in long-lived shell history. Use a dedicated output directory and check for existing files before downloading large videos or playlists.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill demonstrates file write behavior by downloading media to local paths like './video.mp4', './audio.mp3', and playlist outputs, but it does not declare corresponding permissions. Undeclared file capabilities reduce transparency and can cause an agent to invoke the skill without understanding that it will create or overwrite local files.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The trigger phrase 'Use when working with Bilibili content' is overly broad and could cause the skill to activate in many contexts unrelated to downloading, increasing the chance of unnecessary or unintended file writes and network access. In an agent environment, overly generic routing language can widen exposure and make potentially sensitive actions easier to invoke without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The authentication section tells users to export a browser-derived SESSDATA cookie without warning that it is a sensitive credential that can grant account access. Encouraging direct handling of browser cookies without privacy and storage safeguards increases the risk of credential leakage, session theft, and unauthorized access to premium or personal account data.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The guide instructs users to place a sensitive Bilibili session cookie (SESSDATA) into an environment variable and directly in code, but provides no warning about credential sensitivity, shell history exposure, process inheritance, logging, or accidental source-control leakage. While using environment variables for secrets is common, presenting it without secure-handling guidance in a downloader skill increases the chance that users will expose account credentials and enable account misuse if the cookie is copied, logged, or committed.

VirusTotal

66/66 vendors flagged this skill as clean.