Skill v0.1.1
ClawScan security
Grok Scraper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 10:49 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, files, and instructions are internally consistent with its stated purpose (automating Grok queries via a Playwright browser session), but it requires storing and using your logged-in x.com browser session and supports scheduled/automated runs—so be aware of privacy/abuse risks before installing.
- Guidance: This skill appears to do what it claims (automate Grok queries by controlling a real browser). Before installing: (1) Understand it requires an interactive login to x.com and will store session cookies under the skill's session/ directory — treat that folder as sensitive (do not install on shared or untrusted hosts). (2) The skill recommends and supports cron scheduling; scheduled runs will act as your logged-in account, so only enable scheduling if you accept automated activity under your account. (3) Review the scripts (login.js, scrape.js, run.sh) and outputs (output/) so you know what data is written locally. (4) Consider policy/ToS implications of scraping/automation for x.com/Grok and prefer official APIs where appropriate. (5) If you proceed, run it in an isolated environment (dedicated VM or local machine), and revoke/recreate your session if you suspect compromise.
Review Dimensions
- Purpose & Capability (ok): The name/description claim (use Playwright to query Grok without an X API key) matches the included scripts (login.js, scrape.js, inspect-dom.js, run.sh) and README. There are no unrelated env vars, binaries, or surprising dependencies. The design (persisted browser session + Playwright) is a coherent method for the stated goal.
- Instruction Scope (note): SKILL.md and README instruct the agent/operator to run npm install, run playwright, perform an interactive login to x.com that saves a local session directory, and then run scripts/run.sh to execute queries. This stays within the scraper's purpose, but the instructions also encourage cron scheduling and say to 'ALWAYS use this skill' when free Grok access is requested, which could cause automated, repeated use of the user's logged-in account if enabled.
- Install Mechanism (ok): No binary download/install spec in the skill registry; install is via npm (package.json) and npx playwright install chromium. Those are standard and traceable (npm/Playwright). The repository does not pull arbitrary archives or use obscure URLs.
- Credentials (note): The skill requests no environment variables, which is proportional. However, it requires and will store a browser session (cookies/credentials) in the skill's session/ directory after the manual login — this grants the skill the ability to act as the logged-in user on x.com. That is necessary for the scraper's method but is a sensitive capability the user should understand and protect.
- Persistence & Privilege (note): always:false (normal). The skill can be invoked autonomously (disable-model-invocation:false), which is the platform default. Combined with the saved session and the provided run.sh + cron examples, the skill can be scheduled to run automated queries as the user's account. This is expected for this use case but increases the blast radius if the session or skill is compromised.
