Skill v1.0.7

ClawScan security

Instagram Scraper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 4, 2026, 2:53 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions describe a full browser-based Instagram scraper that needs Python/Chromium, login credentials, Google API keys, and residential proxy credentials, but the registry metadata declares no binaries or environment requirements — several important capability/privilege details are missing or inconsistent.
Guidance
This skill's description matches its scraping purpose, but its SKILL.md requires additional binaries, credentials, and proxy accounts that are not declared in the registry metadata. Before installing, ask the publisher for: (1) a clear list of required binaries/dependencies and an install spec (how to install Playwright, Python, Chromium), (2) a list of all environment variables or credentials the skill will read/write (Instagram login, Google API key, proxy username/password), and (3) the full source or a trustable homepage. Only provide Instagram credentials or proxy credentials if you trust the author — prefer running the skill in an isolated environment or VM because it writes scraped data and thumbnails to disk. Also consider legal/ToS risks of scraping Instagram and beware of affiliate links/recommended paid proxy providers. If the publisher cannot justify or document the missing requirements, treat the skill as untrustworthy.

Review Dimensions

Purpose & Capability
concern: The SKILL.md clearly expects a Python + Playwright/Chromium environment, state directories (data/output, thumbnails), and proxy support; however, the registry metadata lists no required binaries, env vars, or config paths. That mismatch means the declared requirements do not match what the skill actually needs to perform scraping.
Instruction Scope
concern: Runtime instructions tell the agent to run a two-phase discovery/scrape pipeline, edit config/scraper_config.json, handle Instagram login/verification, use Google Custom Search optionally, download thumbnails to local paths, and operate residential proxies. These steps involve reading/writing local files and handling credentials (login codes, API keys, proxy credentials) even though those secrets are not declared in metadata.
Install Mechanism
note: There is no install spec (instruction-only), which reduces installer risk. However, SKILL.md expects external dependencies (python3, chromium, Playwright) and persistent state directories; the absence of an install step means the agent or user must provision these themselves. This is an operational gap that should be clarified.
Credentials
concern: The skill does not declare any required environment variables or a primary credential, but the instructions implicitly require Instagram login credentials (and handling of verification codes), optional Google API key and search engine ID, and residential proxy provider credentials. Not declaring these sensitive needs is disproportionate and hides what secrets the skill will need or handle.
Persistence & Privilege
ok: The skill is not force-enabled (always:false) and does not request elevated system-wide privileges in the metadata. It does expect to create and use local state directories and files (data/, thumbnails/), which is reasonable for a scraper but should be made explicit.