Skill v1.0.0
ClawScan security
Scraper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 7:45 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and resource access are consistent with a simple local web-page scraping helper for public/user-authorized pages.
- Guidance: This skill appears to do what it says: fetch public pages, extract text, and save results locally. Before installing or enabling it for autonomous use, consider: (1) the scripts will fetch any URL you or the agent give them — add URL validation or an allowlist if you need to block internal/IP ranges (SSRF risk); (2) there is no enforcement of 'public/user-authorized' rules — rely on agent policies or operator oversight to prevent misuse (paywall/login bypass, private endpoints); (3) outputs are stored at ~/.openclaw/workspace/memory/scraper — check and clean that directory if sensitive data might be saved. If you only plan manual, user-initiated runs and trust the callers, the skill is coherent and appropriate.
Review Dimensions
- Purpose & Capability (ok): Name/description match the included scripts: fetching pages, extracting text, saving outputs locally. No unrelated credentials, binaries, or installs are requested.
- Instruction Scope (note): SKILL.md and scripts restrict work to public/user-authorized pages and local-only storage. However, there is no runtime enforcement of those rules: the scripts will fetch any URL provided (including internal IPs/localhost), and there is no robots/paywall/captcha checking, rate limiting, or URL validation. That is expected for a small helper but is a security consideration rather than an incoherence.
- Install Mechanism (ok): No install spec and no remote downloads; the skill is instruction-only with bundled Python scripts, which minimizes install risk.
- Credentials (ok): The skill requires no environment variables or credentials and only writes under ~/.openclaw/workspace/memory/scraper, consistent with the declared purpose.
- Persistence & Privilege (note): The skill is not always-enabled and can be invoked by the user. It does create persistent local state (jobs.json and output files) under the user's home — this is coherent but users should be aware of stored files and cleanup policy.
