Skill v1.0.0

ClawScan security

HARPA AI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 16, 2026, 5:34 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and runtime instructions coherently match its stated purpose (remote browser automation via HARPA Grid); there are no signs of mismatched or unexplained privileges — but the capability to scrape pages (including behind-login) and to forward results to arbitrary webhooks carries obvious privacy/exfiltration risk that users should understand before enabling it.
Guidance
This skill appears to do what it says: call the HARPA Grid REST API using a HARPA_API_KEY to control browser nodes and scrape pages. Before installing, consider the following in plain terms:
- HARPA_API_KEY gives the service the ability to run actions in your browser nodes and access pages those nodes can reach, including pages behind your login cookies — treat it like a powerful secret. Don't reuse the key elsewhere.
- The API supports resultsWebhook (posting results to an arbitrary URL). If you or an automation supply a webhook, scraped page contents (including potentially sensitive data) can be sent to that external server and retained for up to 30 days. Only use trusted webhook endpoints.
- Ensure the HARPA Chrome extension and any nodes you use are legitimately installed from the official source (https://harpa.ai). A malicious or compromised extension/node could expose more data.
- This skill is instruction-only (no code installed), so risks come from the remote API and what you ask it to scrape. Limit requests to non-sensitive pages, or run automation from isolated browser profiles/accounts for scraping protected content.
- Operational advice: rotate the HARPA_API_KEY if you suspect misuse, monitor API activity if HARPA provides logs, and review the HARPA Grid docs and privacy policy to understand retention and sharing.
If you need, I can point out specific request parameters and example payloads that are safer (e.g., avoid resultsWebhook, limit node broadcasting, and avoid scraping authenticated pages).

Review Dimensions

Purpose & Capability
ok · Name/description describe browser automation and scraping via HARPA Grid. Declared requirement (HARPA_API_KEY) and optional tools (curl/wget) are exactly what this integration needs. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
note · SKILL.md gives concrete curl examples that only use the HARPA API and the HARPA_API_KEY. However, the API explicitly supports scraping pages using the user's browser session (cookies) and sending async results to arbitrary webhooks — both of which enable exfiltration of sensitive page content if misused. The instructions do not instruct the agent to read local files or other unrelated environment variables.
Install Mechanism
ok · Instruction-only skill with no install spec or code. This is low-risk from an install perspective (nothing is written to disk by the skill itself).
Credentials
ok · Only a single credential (HARPA_API_KEY) is required and declared as the primary credential; that aligns with the documented API usage. No unrelated secrets or system paths are requested.
Persistence & Privilege
ok · always:false (default) and agent-autonomy not disabled. The skill does not request permanent/always-on presence or modification of other skills. No elevated system privileges are requested.