Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AI Data Scraper
v1.0.0
Automates web and API data extraction with cleaning, formatting, scheduling, proxy support, retries, deduplication, and real-time monitoring.
⭐ 1· 1.4k·7 current·7 all-time
by ZhangYang @arthasking123
MIT-0
License MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill description and SKILL.md advertise advanced scraping capabilities (proxy pool support, retries, deduplication, real-time monitoring, scheduling, billing tiers). The included code (main.sh and package.json) implements only a minimal curl-based fetcher that writes to ./output and does not implement proxies, retries, deduplication, monitoring, cron scheduling, or payment integration. This is an overclaim / mismatch between stated purpose and actual capability.
Instruction Scope
SKILL.md shows example invocations using flag-style commands (openclaw run scraper --url <...> --cron <...>) but the provided main.sh expects positional arguments and does not parse --url/--api/--format/--cron flags. SKILL.md promises features (cron scheduling, API integration) that are not present in the instructions or script. The instructions do not ask the agent to read unrelated credentials or files (good), but they are inconsistent with the shipped code.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. However, the skill bundles code files (main.sh and package.json) despite claiming to be instruction-only; that's not itself malicious but is inconsistent and means code will be present on disk when installed. The code is plain shell and only depends on curl being present.
Credentials
The skill requests no environment variables, no credentials, and specifies no config paths. That is proportionate to the minimal behavior of the script (it simply calls curl and writes files).
Persistence & Privilege
always:false and normal invocation flags. The skill does not request persistent or system-wide privileges, and it does not modify other skills or system config. It writes files to a local './output' directory (relative) which could overwrite files if run in a sensitive working directory — a normal file I/O concern rather than elevated privilege.
What to consider before installing
This package looks sloppy rather than actively malicious: the README and marketing promise many advanced features that are not implemented in the shipped script. Before installing or using it, consider:
1) Don't expect proxy pools, retries, dedupe, scheduling, or monitoring — they are not implemented.
2) Test in an isolated directory or sandbox (not your home or repo root) because the script will write files to ./output.
3) Run it manually with a safe public URL to confirm behavior and network calls (it uses curl to fetch whatever URL you supply).
4) If you need the advertised features, ask the author for an explanation or implementation, or inspect/modify the script to add proper flag parsing, retries, proxy usage, and safe path handling.
5) Because the SKILL.md examples use flag syntax but the script uses positional args, avoid automated/production use until the interface is fixed.
If you require higher assurance (e.g., for sensitive data), do not install this skill until the mismatches are resolved and the author provides audited code.
Like a lobster shell, security has layers — review code before you run it.
latest vk97bvq2hq5m7h46kbxkxz4vwkh81h1qt
