商品比价 (Product Price Comparison)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed e-commerce price-comparison scraping skill with real privacy and terms-of-service caveats, but no evidence of hidden credential use, exfiltration, purchases, or destructive behavior.

Install only if you are comfortable with automated browsing of e-commerce sites. Prefer unauthenticated browsing or a dedicated test account, avoid exposing real shopping sessions with addresses, order history, payment methods, or coupons, and confirm that scraping the target platforms is allowed for your use case.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill documentation materially understates and misstates behavior by including anti-bot evasion tactics and broader platform handling while omitting key operational and risk details. In particular, the explicit '模拟真实用户行为' ("simulate real user behavior") measures indicate deliberate attempts to evade platform protections, which can expose users and operators to account blocking, legal/terms-of-service violations, and unsafe deployment of browser automation under false expectations.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The README explicitly lists browser automation and file/report management capabilities but does not disclose that using the skill may trigger outbound requests to e-commerce platforms and create local artifacts. In an agent setting, insufficient disclosure around network access and local file writes can cause users to unknowingly expose search intent, session context, or leave sensitive reports on disk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill omits a clear user warning that it performs automated browsing against e-commerce sites and includes anti-bot evasion techniques. That lack of disclosure can cause unsuspecting users to trigger behavior that violates platform rules or leads to captchas, account restrictions, IP bans, or compliance issues, especially because the anti-crawling section is framed as an implementation detail rather than a consent-relevant risk.

Natural-Language Policy Violations

Medium
Confidence
79% confidence
Finding
The code and comments explicitly frame part of the workflow as 'anti-anti-scraping,' indicating an intent to evade e-commerce platform bot-detection controls. In a price-comparison skill that targets multiple commercial sites, this context makes the behavior more concerning because it could be expanded into unauthorized scraping that violates terms of service, triggers account/IP blocking, or facilitates stealth automation against third-party services.

Ssd 2

Medium
Confidence
84% confidence
Finding
The code comments and method purpose explicitly describe simulating human behavior to evade anti-scraping defenses, which indicates intent to bypass platform protections. Even though the current implementation is limited, this normalizes and scaffolds potentially abusive scraping behavior that can violate terms of service and enable unauthorized data collection once completed.

VirusTotal

66/66 vendors flagged this skill as clean.
