issuu_downloader

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Issuu downloader, but it is explicitly built to work around blocking and may automatically route traffic through local proxies.

Install only if you understand that this tool is designed to bypass Issuu blocking and may use a local proxy automatically. Use it only for documents you are authorized to copy, avoid untrusted proxies, and prefer a version that asks before proxy probing and validates Issuu URLs before making any network request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (10)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The code silently scans common localhost proxy ports and routes traffic through any responsive proxy it finds, which is unnecessary for a normal downloader unless explicitly requested by the user. This creates undisclosed network-routing behavior, can unexpectedly exfiltrate browsing targets through local proxy software, and aligns with evasion/circumvention patterns that increase security and policy risk.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The comment stating the delay is meant to look more 'human' indicates deliberate anti-detection behavior rather than ordinary rate limiting or politeness. In context, this suggests the tool is designed to avoid service defenses while scraping protected content, which materially increases abuse potential.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
This logic systematically probes derived page URLs to discover page count while comments explicitly describe reducing 503s and using 'safer' probing, showing an effort to bypass or work around platform protections. In a downloader for Issuu content, the context makes this more dangerous because it appears tailored to enumerate and extract document pages outside a sanctioned access path.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The invocation guidance is broad enough that an agent could trigger this skill whenever a user mentions an Issuu URL, without clear checks for authorization, copyright compliance, or explicit consent to use network-evasion features. In context, the skill is explicitly framed around downloading Issuu content and overcoming access restrictions, which increases the chance of misuse and unintended activation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill advertises automatic detection and use of local proxies on common ports but does not prominently warn the user that it may inspect and route traffic through locally configured proxy services. That creates meaningful security and privacy risk because an agent could silently leverage sensitive local network configuration, and in this skill's context the proxy support is tied to bypassing regional restrictions and service blocks, making the behavior more dangerous.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
img2pdf>=0.5.1
urllib3>=2.0.0
Confidence
90% confidence
Finding
requests>=2.31.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
img2pdf>=0.5.1
urllib3>=2.0.0
Confidence
90% confidence
Finding
img2pdf>=0.5.1

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
img2pdf>=0.5.1
urllib3>=2.0.0
Confidence
90% confidence
Finding
urllib3>=2.0.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
81% confidence
Finding
requests

Known Vulnerable Dependency: urllib3 — 10 advisory(ies): CVE-2025-66471 (urllib3 streaming API improperly handles highly compressed data); CVE-2024-37891 (urllib3's Proxy-Authorization request header isn't stripped during cross-origin ); CVE-2026-21441 (Decompression-bomb safeguards bypassed when following HTTP redirects (streaming ) +7 more

High
Category
Supply Chain
Confidence
83% confidence
Finding
urllib3

VirusTotal

66/66 vendors flagged this skill as clean.
