Ai Product Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it monitors AI product launches online, screenshots launch pages, and saves local reports.

Review references/feeds.yaml before running, especially before adding untrusted feeds. Use individual stages if you want to inspect collected URLs before screenshots, and avoid running the screenshot stage in environments that can reach private internal services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Low
Confidence: 82%
Finding
The stage descriptions describe fetching RSS feeds, web search enrichment, and screenshot capture, but do not explicitly warn that the skill will make outbound connections to third-party RSS feeds and websites. While this is consistent with the skill's stated purpose, the omission reduces informed consent and can matter in restricted or privacy-sensitive environments.

Missing User Warnings

Low
Confidence: 87%
Finding
The output section lists files that will be produced, but it does not clearly warn users up front that executing the pipeline writes JSON, Markdown, and image files to local storage. This is a transparency issue rather than evidence of malicious behavior, but it can still surprise users in constrained or sensitive environments.

Missing User Warnings

Medium
Confidence: 78%
Finding
The screenshot stage automatically visits and renders URLs sourced from external feeds, then writes the resulting images locally, without any safety gate or trust validation. In the context of a skill this is more dangerous because the URLs are attacker-influenced feed content, so running a browser tool against them from an automated pipeline can cause SSRF-like access, tracking, or interaction with malicious pages.

VirusTotal

64/64 vendors flagged this skill as clean.
