Browser Devtools

Security checks across malware telemetry and agentic risk

Overview

This looks benign, but it is a limited local shell utility with under-documented local logging rather than a full Chrome Dev Editor tool.

Install only if you are comfortable with a small local command-line utility rather than a complete Chrome Dev Editor integration. Review its help output first, set BROWSER_DEVTOOLS_DIR if you want to control where files are written, and do not pass tokens, passwords, private URLs, or sensitive project details to commands that may be logged or stored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 79%
Finding
The command list exposes broad triggers such as help, run, info, and status without defining allowed arguments, side effects, or safety boundaries. In an agent setting, underspecified triggers can enable invocation of sensitive or unexpected functionality because the operator lacks enough context to safely determine what each command may do.

Missing User Warnings

Medium
Confidence: 88%
Finding
The script silently records command activity to a history file via `_log` without disclosing this behavior to the user. In a skill context, hidden logging can capture sensitive operational data, search terms, arguments, or identifiers, creating privacy and auditability risks, especially because the skill's stated purpose does not suggest telemetry or persistent local tracking.

Missing User Warnings

Low
Confidence: 91%
Finding
The `add` command appends arbitrary user-supplied content to a local database file without any disclosure, retention notice, or sensitivity checks. This can lead to unintentional storage of secrets or private data on disk, and the misleading skill context makes the behavior more concerning because users may not expect a generic persistent datastore in a Chrome Dev Editor tool.

VirusTotal

66/66 vendors flagged this skill as clean.
