ClawHub
Back to skill

Security audit

NodeMaven – Premium Proxies for Account Management, Automation, and Scraping

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only proxy setup skill, but it gives under-scoped guidance for anti-detect account automation, logged-in scraping, credential use, and account/proxy mutations that users should review carefully.

Install only if you intentionally want an agent to configure NodeMaven proxies and you are comfortable giving it API/proxy credentials. Do not use it for unauthorized scraping, ban evasion, account farming, or platform-abuse automation. Require explicit approval before purchases, whitelist changes, sub-user changes, resets, or deletion, and prefer masked credentials or local environment variables over full proxy URLs in chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Ssd 4

Medium
Confidence
94% confidence
Finding
This section explicitly coaches the agent on how to reduce detection during logged-in scraping and high-volume account automation, including anti-detect setup, throttling, traffic spreading, and maintaining sticky sessions. That meaningfully enables stealthy abuse of third-party platforms and operational evasion, which is dangerous even though it is framed as risk reduction rather than overt wrongdoing.

Ssd 4

Medium
Confidence
96% confidence
Finding
The playbooks and decision rules provide a full operational workflow for account management, scraping, browser automation, session persistence, sub-user isolation, geo-targeting, and anti-detect pairing. In context, this is a structured enablement guide for scalable evasion of platform detection and abuse controls, making the skill materially more dangerous than neutral proxy configuration documentation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal