Douban Self Taste Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Douban personal-history analyzer, but it handles Douban cookies and stores personal ratings/comments locally, so users should treat its data as private.

Install only if you are comfortable giving the agent access to your own Douban cookies and keeping a local copy of your Douban history. Use it only with your own UID, keep .local/douban-self-taste/ private and out of version control, and delete the cookie/cache/analysis files when you no longer want them reused.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill clearly directs file reads/writes and network crawling, yet no explicit permissions model is declared. That mismatch can cause an agent or reviewer to underestimate the skill's effective access, especially because it can read cookies, fetch logged-in pages, and persist account-derived data locally. In this context, the missing declaration is not inherently malicious, but it weakens transparency and consent around sensitive operations.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs use of stored login cookies to crawl the user's logged-in Douban pages, but it does not include an explicit warning that cookies are authentication secrets and that crawled data comes from an authenticated account context. If mishandled, cookies could enable account misuse, and the collected history may expose sensitive behavioral and preference data. The context makes this more dangerous because the skill is specifically designed to access private, logged-in user data rather than public content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill specifies persistent local storage for cookies, crawl cache, and analysis outputs containing the user's Douban history, comments, ratings, and derived taste analysis, but it does not clearly warn that this creates a lasting local copy of potentially sensitive personal data. That persistence increases exposure to later unauthorized access, accidental commits, or reuse beyond the user's expectations. The context increases risk because the data is highly personal and longitudinal, not merely transient processing.

VirusTotal

66/66 vendors flagged this skill as clean.
