Zhihu Keyword Content Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Zhihu crawler that uses a user-provided login cookie and saves scraped results locally, so it is usable but requires careful credential handling.

Install only if you are comfortable giving the script a full Zhihu login cookie. Treat the cookie like a password: avoid putting it in shared logs, screenshots, shell history, or saved scripts, and log out or rotate the session if it is exposed. Use a dedicated output folder and review saved JSON/text before sharing or reusing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill clearly instructs the user to run a crawler that performs network access and writes output files, yet the metadata shown contains no declared permissions or trust boundary information. This weakens auditability and user consent because consumers of the skill are not explicitly informed that it will contact Zhihu and persist scraped data locally.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The README explicitly instructs users to extract their full logged-in Zhihu cookie from browser developer tools and pass it on the command line, but it does not warn that cookies are bearer credentials that can grant account access. This is dangerous because shell history, process lists, logs, screenshots, or copied command snippets can expose the cookie and enable account takeover or unauthorized access to private account data.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation tells users to extract and pass their full authenticated Zhihu cookie, which is effectively a bearer credential for the user's session. Exposing it on the command line or sharing it with the skill can lead to account/session hijacking, unintended access to private account data, and leakage through shell history, logs, screenshots, or process listings.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill states that it saves complete question and answer data into JSON and merged text files but does not warn that scraped content may contain personal, sensitive, or regulated information. Persisting large datasets locally without disclosure increases the risk of accidental retention, over-collection, later reuse, or exposure through backups and sharing.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script requires a full Zhihu login Cookie on the command line and then transmits it in every request, but provides no safeguards for secret handling. Passing session cookies via CLI exposes them to shell history, process listings, logs, and accidental reuse, which can lead to account/session compromise if the cookie is copied or observed.

VirusTotal

66/66 vendors flagged this skill as clean.
