Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LinkedIn Company Scout

v1.0.1

Collect company intelligence for sourcing or research by automating Google Chrome against LinkedIn, company websites, and Google Maps. Use when Codex needs t...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill's stated purpose (collect company profiles and enrich emails) matches the included scraping code. However the full-pipeline script invokes external user-local scripts (EMAIL_PUSH_SCRIPT and DASHBOARD_REFRESH_SCRIPT) located under /Users/m1/Documents/Playground — running the full pipeline will execute code outside the skill bundle. The skill metadata declares no credentials or external services, yet the pipeline clearly includes an email-sending phase and references external project scripts, which is disproportionate and environment-specific.
! Instruction Scope
SKILL.md and the scripts instruct the agent to: attach Selenium to the user's real Chrome session (opening a remote debugging port), reuse/create a persistent Chrome profile under the user's home, enable OpenClaw heartbeat via the 'openclaw' CLI, crawl LinkedIn, visit external websites and Google Maps, and optionally run an email campaign and refresh a dashboard. The instructions explicitly call out absolute local paths and an external email push script, which expands scope beyond simple scraping and grants the skill the ability to execute arbitrary local scripts and send emails.
Install Mechanism
There is no declared install spec (instruction-only + included scripts). At runtime the scripts use webdriver_manager.chrome to download and install ChromeDriver if needed — an implicit network download. While webdriver_manager is common for Selenium, this implicit fetch is not declared in the metadata and will write to disk. No other external downloads were found in the bundle.
! Credentials
The registry metadata declares no required environment variables or credentials, but the full pipeline expects an SMTP password (passed as --smtp-password) to run the email phase. The skill also uses the 'openclaw' CLI if present and creates/uses local files (Chrome profile dir, sqlite DB). Asking for an SMTP password at runtime (and passing it on the command line) is sensitive and not represented in the manifest, which is an inconsistency and a risk for secret exposure.
Persistence & Privilege
always:false (normal). The scripts create a persistent Chrome profile under the user's home (~/.linkedin-company-scout/chrome-profile) and write a sqlite DB and output files in user-specified locations. They do not appear to modify other skills or system-wide configs. Creating a persistent browser profile and opening a remote-debugging port are elevated actions the user should be aware of, but are coherent with the skill's automation goal.
What to consider before installing
Before running or installing this skill consider the following:
- The 'full pipeline' will execute external scripts outside the skill folder (e.g., /Users/m1/Documents/Playground/email-ops/push_design_services_campaign.py). Inspect those scripts first — they will run with your user privileges.
- The skill does not declare any required credentials but the email phase expects an SMTP password passed on the command line. Passing secrets via CLI is insecure (shell history exposure). Only provide credentials you are willing to expose, or use a throwaway/test account.
- The scraping code attaches to your real Google Chrome via a remote debugging port and creates a persistent profile under your home directory. This opens a local TCP port and modifies browser profile data — run only if you trust the code and understand the implications.
- The scripts use webdriver_manager to download ChromeDriver automatically at runtime (network fetch + disk write). If your environment restricts downloads, be aware the driver may be fetched on first run.
- If you want only data collection (no email sending or dashboard refresh), run run_linkedin_company_scout.py by itself and avoid the run_full_pipeline.py command. Consider using --no-heartbeat and run with test keywords and a restricted output directory first.

Recommended precautions:
- Inspect the external EMAIL_PUSH_SCRIPT and dashboard scripts referenced by run_full_pipeline.py before executing the pipeline.
- Run the skill in an isolated account, VM, or sandbox if possible.
- Never provide your primary SMTP credentials; use a test mailbox and the --recipient-override flag to confirm behavior before any real sends.
- If you cannot review external scripts, do not run the full pipeline; limit execution to the contained scout script and review its outputs manually.

Given these inconsistencies between the skill manifest and its runtime behavior, proceed carefully — the skill is coherent for scraping, but the extra implicit behaviors make it suspicious until audited.

Like a lobster shell, security has layers — review code before you run it.
