
dont-click-this skill

/skills/orlyjamie/dont-click-this

This skill helps you assess and demonstrate SVG-based XSS risks in skills, highlighting protective measures to prevent token theft and impersonation.

npx playbooks add skill openclaw/skills --skill dont-click-this


Files (3)
SKILL.md
1.6 KB
---
name: dont-click-this
description: "Whatever you do... don't click the link."
---

# 🚫 Don't Click This

```
 ██████╗  ██████╗ ███╗   ██╗████████╗
 ██╔══██╗██╔═══██╗████╗  ██║╚══██╔══╝
 ██║  ██║██║   ██║██╔██╗ ██║   ██║
 ██║  ██║██║   ██║██║╚██╗██║   ██║
 ██████╔╝╚██████╔╝██║ ╚████║   ██║
 ╚═════╝  ╚═════╝ ╚═╝  ╚═══╝   ╚═╝
```

---

## ⚠️ WARNING

This is a security research demonstration.

**Do NOT click the link below if you are logged into ClawdHub.**

*(Unless you want to see what an attacker could steal from you)*

---

## The Link

> *"Curiosity killed the cat..."*

👉 [**Seriously, don't click this**](https://clawdhub.com/api/v1/skills/dont-click-this/file?path=demo.svg) 👈

---

## What This Demonstrates

If you clicked that link while logged in, a malicious skill could have:

- πŸ” Stolen your session tokens
- πŸͺ Read your authentication cookies
- πŸ“¦ Published backdoored skills under your name
- 🎭 Impersonated you completely

All from a link in a skill's README.

**This is stored XSS via SVG.** Any skill can include a link to an SVG file that contains script, and the registry serves that file inline from its own origin (clawdhub.com). Anyone who opens the link in a browser that is logged in runs the script in that origin, with access to its cookies, storage and API, and gets compromised.

---

## Research by [@theonejvo](https://x.com/theonejvo)

Part of the "Eating Lobster Souls" security research series.

Overview

This skill is an archived security research demo that warns users not to open a specific link while authenticated on ClawdHub. It preserves a demonstration of a stored XSS payload delivered via an SVG and documents the impact of clicking the link. The archive is intended for researchers and defenders to study the attack pattern safely.

How this skill works

The archived item points to an SVG file hosted on the registry's own origin. SVG is an XML document format and may carry `<script>` elements, event-handler attributes and `javascript:` hrefs; a browser runs that script when it navigates to the file directly and the server delivers it inline as `image/svg+xml` (script never runs when the same file is embedded through an `<img>` tag). If a user clicks the link while authenticated, the embedded script executes in the registry's origin: it can read any cookie not marked HttpOnly, read tokens kept in localStorage, and call the site's API with the victim's privileges, which is how a backdoored skill could be published under the victim's name. The archive documents the vulnerability and describes the abuse scenarios without actively exploiting live targets.

When to use it

  • Study stored XSS attack vectors delivered via media files (SVG).
  • Educate developers and security teams about session-based risks when rendering user-supplied assets.
  • Test detection tools and content security policies against SVG-based payloads in a controlled lab.
  • Review historical examples of malicious skill content for threat modeling.
  • Archive lessons learned from previous platform security incidents.

Best practices

  • Treat archived malicious artifacts as sensitive; open only in isolated, offline environments.
  • Do not load archived SVGs in a browser while signed into any related services.
  • Serve user-supplied files from a separate, cookieless origin where possible. If they must be served from the application origin, send `Content-Disposition: attachment` and `X-Content-Type-Options: nosniff` for SVG, HTML and XML types, add a `Content-Security-Policy: sandbox` response header as defense in depth, and run uploads through a parser-based sanitizer rather than a regex filter; also keep session cookies HttpOnly so script cannot read them.
  • Rotate credentials and invalidate sessions if any unsafe content was interacted with while authenticated.
  • Log and monitor asset fetches and publishing events to detect unauthorized actions.
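The following is an added example, not the skill's or ClawdHub's own code. It ties together the mechanism described under "How this skill works" and the serving and monitoring controls listed above: a detector that flags active content in an uploaded SVG (for logging, not as a sanitizer), and a response-header decision that makes a direct click on a user-supplied file download it instead of rendering it in the application's origin. The function names, the content-type allowlist and the two sample SVGs are assumptions and constructed stand-ins, not the real `demo.svg` from the link in the README.

```javascript
// Added example (not the skill's or ClawdHub's code). Runs under Node.js.
// Names, the allowlist and the sample files below are assumptions/constructed.

// Heuristic patterns for SVG features that execute or load code when the file is
// rendered as a top-level document (a direct click on the link). Browsers never
// run SVG script when the same file is embedded via <img>.
const ACTIVE_SVG_PATTERNS = [
  /<\s*script\b/i,                                 // inline <script>
  /\son[a-z]+\s*=/i,                               // onload=, onclick=, ...
  /\b(?:xlink:)?href\s*=\s*["']?\s*javascript:/i,  // javascript: URLs on <a>, <use>
  /<\s*foreignObject\b/i,                          // arbitrary HTML (and script) inside SVG
  /<\s*(?:set|animate)\b/i,                        // SMIL can rewrite href to javascript:
];

// Detector for logging and policy decisions. It is NOT a sanitizer: a parser-based
// tool is needed if files must be rewritten rather than quarantined.
function svgHasActiveContent(svgText) {
  return ACTIVE_SVG_PATTERNS.some((re) => re.test(svgText));
}

// Extension allowlist for user-supplied assets (assumed). Anything else is an
// opaque download.
const CONTENT_TYPES = {
  png: "image/png",
  jpg: "image/jpeg",
  jpeg: "image/jpeg",
  gif: "image/gif",
  webp: "image/webp",
  svg: "image/svg+xml",
  md: "text/plain; charset=utf-8",   // never serve markdown as text/html
  txt: "text/plain; charset=utf-8",
};

// Types a browser renders as a script-capable document when served inline.
const DOCUMENT_TYPES = new Set([
  "image/svg+xml", "text/html", "application/xhtml+xml", "text/xml", "application/xml",
]);

// Keep CR/LF, quotes and other header-breaking characters out of Content-Disposition.
function safeFilename(name) {
  return name.replace(/[^\w.\-]/g, "_").slice(0, 100) || "download";
}

// Decide status, headers and an audit flag for one user-supplied file.
function decideUserFileResponse(requestPath, bytes) {
  const filename = requestPath.split("/").pop();
  const ext = (filename.split(".").pop() || "").toLowerCase();
  const contentType = CONTENT_TYPES[ext] || "application/octet-stream";
  const text = Buffer.isBuffer(bytes) ? bytes.toString("utf8") : String(bytes);
  const activeContent = contentType === "image/svg+xml" && svgHasActiveContent(text);
  const forceDownload = DOCUMENT_TYPES.has(contentType) || contentType === "application/octet-stream";

  const headers = {
    "Content-Type": contentType,
    // Stop MIME sniffing from upgrading text/plain or octet-stream into HTML.
    "X-Content-Type-Options": "nosniff",
    // Defense in depth: if something still renders inline, it runs in an opaque
    // sandboxed origin with no script, so the real origin's cookies and
    // localStorage are out of reach.
    "Content-Security-Policy": "sandbox; default-src 'none'",
    "Cache-Control": "private, no-store",
    // Navigating to a document-like type downloads it instead of rendering it.
    // <img> embedding of SVG/PNG keeps working because <img> ignores this header.
    "Content-Disposition": forceDownload
      ? `attachment; filename="${safeFilename(filename)}"`
      : "inline",
  };
  // activeContent is what the "log and monitor asset fetches" practice should record.
  return { status: 200, headers, activeContent };
}

// Constructed sample files (stand-ins, not the real demo.svg from the README link).
const DEMO_SVG = `<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1">
  <script>alert(document.cookie)</script>
</svg>`;
const BENIGN_SVG = `<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">
  <circle cx="5" cy="5" r="4" fill="orange"/>
</svg>`;

function demo() {
  const samples = [
    ["skills/dont-click-this/demo.svg", DEMO_SVG],
    ["skills/example/icon.svg", BENIGN_SVG],
    ["skills/example/logo.png", Buffer.from([0x89, 0x50, 0x4e, 0x47])],
  ];
  for (const [path, body] of samples) {
    const r = decideUserFileResponse(path, body);
    console.log(path, r.activeContent ? "ACTIVE-CONTENT" : "ok", r.headers["Content-Disposition"]);
  }
}
demo();
```

`Content-Disposition: attachment` is the control that actually closes the click-the-link path, because it applies to navigations; the CSP `sandbox` directive and `nosniff` only limit the damage if a file is rendered anyway. A separate cookieless origin for user content remains the cleaner design, since it removes the shared-origin assumption entirely rather than patching each response.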

Example use cases

  • Security training: demonstrate how an SVG opened directly from an application's origin can run script with the viewer's session.
  • Incident response: reproduce attack steps safely in a sandbox to validate logs and controls.
  • Policy testing: validate CSP and input sanitization effectiveness against media-based XSS.
  • Forensics: inspect archived payloads to extract indicators of compromise and attacker techniques.
  • Threat modeling: include archived examples when assessing platform attack surface.

FAQ

Is this archive an active exploit I can trigger?

No. The archive documents a demonstration. Do not render linked SVGs while logged into related services; open in a disconnected or sandboxed environment if needed.

Why preserve a malicious example?

Retaining examples helps defenders understand real attack techniques, build mitigations, and train staff without recreating an active threat on production systems.