Clawrma

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for the Clawrma CLI’s web, screenshot, and inference features, with ordinary third-party tool and data-sharing cautions but no hidden or destructive behavior in the artifacts.

Before installing, review the clawrma npm package and GitHub repository, especially install scripts, authentication storage, privacy terms, and billing behavior. Avoid sending confidential prompts, private URLs, authenticated page screenshots, or sensitive page snapshots unless you trust the Clawrma service and intend that data to leave your environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium (88% confidence)

Finding:
The skill recommends using Clawrma in very broad fallback scenarios such as when native tools are blocked, flaky, or more expensive. That can cause an agent to invoke an external network-capable tool in many routine situations without clear trust boundaries, increasing the chance of unnecessary data exposure, unintended web access, or policy bypass through tool substitution. The context makes this more concerning because the tool supports fetching, search, screenshots, snapshots, and inference, so a broad trigger enables multiple side-effecting capabilities at once.

Missing User Warnings

Medium (93% confidence)

Finding:
The skill states that `screenshot` writes an image file and prints the output path, but it does not warn about filesystem side effects, storage location, overwrite behavior, or handling of sensitive page contents. In an agent setting, silent file creation can leak sensitive visual data to disk, clutter or overwrite workspace files, and create artifacts that downstream steps may trust or exfiltrate. The surrounding context increases risk because the skill is positioned as a general fallback utility, making routine invocation more likely.

VirusTotal

63/63 vendors flagged this skill as clean.
