Anti-Bot Scraper

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about being an anti-bot scraper, but it enables broad stealth scraping with proxies, cookies, fingerprint spoofing, and saved page captures without enough scoping or safeguards.

Install only if you have permission to scrape the target sites. Avoid using real account cookies unless necessary, keep batch concurrency low, review and delete saved HTML/screenshots that may contain private data, and do not use the stealth or proxy features to evade access controls or site rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 84%
Finding
Overly broad trigger keywords can cause the skill to activate for ordinary requests like generic 'scrape' or '抓取' tasks, increasing the chance that stealth scraping, proxy use, or anti-detection behavior is invoked without clear user intent. In this skill's context, that risk is amplified because the capability is explicitly designed to evade anti-bot defenses.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill exposes privacy- and system-impacting behaviors—proxy routing, custom cookie injection, screenshot/HTML writes, and anti-detection scraping—without prominent user-facing warnings about local data storage, session misuse, or policy/legal implications. Because the skill is specifically marketed for bypassing anti-scraping defenses, insufficient disclosure makes accidental misuse and covert collection materially more likely.

Natural-Language Policy Violations

Medium
Confidence: 97%
Finding
The injected stealth script hard-codes navigator.languages and navigator.language to Chinese values, causing all browsing sessions to impersonate a Chinese-speaking user without caller consent. In a scraping skill explicitly designed to evade bot detection, this can misrepresent user identity, bias fetched content, and increase privacy/compliance risk when used against geo- or language-sensitive sites.

Natural-Language Policy Violations

Medium
Confidence: 99%
Finding
The browser context is created with fixed locale 'zh-CN' and timezone 'Asia/Shanghai', which forces a specific regional identity for every request. Given this skill’s stated purpose of stealth scraping and anti-detection evasion, hard-coded regional spoofing makes the issue more dangerous because it deliberately masks origin and may trigger region-specific behavior, inaccurate data collection, or policy evasion.

VirusTotal

66/66 vendors flagged this skill as clean.
