social-media-title-insight

Security checks across malware telemetry and agentic risk

Overview

This is a coherent social-media title analysis skill, but it needs review because it includes under-scoped dynamic expression evaluation and under-disclosed outbound data paths.

Install only if you are comfortable reviewing the commands before running them. Prefer uploaded local files over account API lookup, do not pass cookies, avoid the compute expression feature unless you fully control the formula, use a virtual environment instead of system Python, and delete the generated runs directory after processing sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Low
Confidence: 91%
Finding
The generated report loads Tailwind CSS from a public CDN at view time, which creates an unnecessary external network dependency and leaks report access metadata such as viewer IP, user agent, and timing to the CDN. If the CDN is unavailable or compromised, report rendering can fail or be influenced by third-party content outside the local tool's control.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The script renders a local HTML file in a full browser context and explicitly waits for network activity to settle, which allows any external resources referenced by the HTML to be fetched. In this skill context, that creates unnecessary outbound network access during report generation, enabling data exfiltration, tracking, or unexpected requests from attacker-controlled HTML content even though the skill's stated purpose is social media title analysis.

Missing User Warnings

Medium
Confidence: 95%
Finding
When no file is uploaded, the skill sends account identifiers to an external API, but the user-facing description does not warn about this transfer. The missing disclosure undermines informed consent and can expose account names, associated metadata, or session-linked requests to third-party infrastructure unexpectedly.

Missing User Warnings

Medium
Confidence: 96%
Finding
The function transmits account data and an optional raw Cookie header to an external service without any in-function confirmation, warning, or minimization safeguards. This can expose sensitive session material or account-related data to a third party, and in a skill context users may not realize that analysis triggers outbound authenticated requests.

Missing User Warnings

Medium
Confidence: 95%
Finding
Rendering local HTML with Playwright while permitting unrestricted network access means the generated document can trigger outbound requests to third-party domains without the user's knowledge. Because this helper processes local files, a crafted HTML report could beacon metadata or sensitive embedded content to external servers, and the lack of any warning or consent makes the privacy/security issue more severe.

VirusTotal

65/65 vendors flagged this skill as clean.
