Security audit

Forum Downloader

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward forum media downloader whose network, proxy, folder creation, and file download behavior matches its stated purpose.

Install only if you are comfortable with the agent running PowerShell, contacting the forum through the proxy you provide, and saving many files locally. Use trusted forum URLs and proxy settings, choose a dedicated download folder, and confirm the resolved title-based output directory before allowing downloads.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The usage description says the skill will automatically fetch forum content, create folders, parse media URLs, and download files once a forum URL is provided, but it does not define clear trigger boundaries or require explicit per-action confirmation. In an agent setting, this can cause unintended invocation and automatic execution of network and filesystem side effects from loosely matching user requests.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description does not clearly warn that it will write files to disk and perform network downloads through a user-supplied proxy, both of which are high-risk side effects. This is especially sensitive because forum content may be untrusted, proxies may route traffic through third parties, and bulk downloads can expose users to privacy, legal, or malware risks.

VirusTotal

61/61 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.