Instagram Skill via cyberdrk/gram CLI

Status: Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: gram
Version: 1.0.0

The skill bundle is classified as suspicious due to its explicit instructions in SKILL.md for the `gram` CLI tool to access sensitive browser cookie databases via options like `--cookie-source`, `--chrome-profile-dir`, and `--firefox-profile`. While this capability is plausibly needed for the stated purpose of an Instagram CLI using cookie-based authentication, it represents a high-risk operation. There is no clear evidence of intentional malicious behavior such as exfiltration or persistence within the provided files, but the direct access to browser data makes it a significant security concern.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If misused or compromised, the skill could access the user’s Instagram account through existing browser/session cookies.

Why it was flagged

The skill explicitly uses live Instagram session cookies and browser cookie sources, giving the CLI access as the logged-in user. That is high-impact credential/session access and the artifacts do not show strong boundaries around extraction, storage, or use.

Skill content

`gram` uses cookie-based auth from your Instagram web session. Use `--session-id`, `--csrf-token`, and `--ds-user-id` to pass cookies directly, or `--cookie-source` for browser cookies.

Recommendation

Use a dedicated Instagram session or test account where possible, avoid broad browser-cookie extraction unless necessary, verify what cookies are used, and revoke the session if anything unexpected occurs.

What this means

An agent using this skill could accidentally like, comment, follow, unfollow, save, or unsave content under the user’s Instagram account.

Why it was flagged

The documented commands can mutate the Instagram account and create public or socially visible activity. The skill does not document confirmation requirements or other guardrails before these actions.

Skill content

gram comment <shortcode> "nice!" # Comment on a post
gram follow <username>         # Follow a user
gram unfollow <username>       # Unfollow a user

Recommendation

Treat the skill as read-only unless the user explicitly requests an engagement action, and require confirmation of the exact target and comment text before running mutating commands.

What this means

The user must trust the external npm package with Instagram session access; static scanning of this skill did not inspect that package code.

Why it was flagged

The skill depends on an external npm package to provide the CLI. The reviewed artifacts contain only SKILL.md and no package source code, while the package will handle browser/session cookies.

Skill content

node | package: @cyberdrk/gram | creates binaries: gram

Recommendation

Inspect or pin the npm package version before installation, verify the package provenance, and avoid exposing valuable account cookies to unreviewed code.