ClawHub

A skill for OpenClaw that verifies link validity, source credibility, and factual accuracy of online content.

Security checks across malware telemetry and agentic risk

Overview

This is a simple link checker that uses web access as advertised, but its fact-checking is incomplete and private links should not be submitted.

Install only if you are comfortable with the agent contacting URLs you provide. Do not use it on private, internal, localhost, cloud-metadata, or sensitive document links, and do not rely on its fact-checking unless the agent independently provides cited source comparisons.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly depends on `web_fetch` and `web_search`, so it performs network operations while the metadata does not declare corresponding permissions or user-facing notice. Undeclared network capability weakens reviewability and informed consent, and can lead to user-provided URLs or text being transmitted to external services unexpectedly.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill advertises fact-checking, but when a `fact` is provided it only returns the fixed string "Pending cross-verification" and performs no verification at all. This is dangerous because downstream users or agents may trust the output as evidence that fact-checking occurred, enabling misinformation laundering through a security-relevant automation component.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to fetch arbitrary URLs and search external sources without warning that user-supplied links or article text may be transmitted off-platform. This creates privacy and data-handling risk, especially if users submit internal URLs, private documents, or sensitive claims for verification.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The code performs `fetch` requests to arbitrary user-supplied URLs with no allowlist, scheme restriction, or warning that outbound network access will occur. In an agent/runtime context, this can be abused for SSRF-style access to internal services, cloud metadata endpoints, or network scanning, and the returned status/title can leak information about otherwise unreachable resources.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal