Bearblog

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is purpose-aligned for Bear Blog publishing, but it documents logged-in browser control and a delete workflow that bypasses the site’s confirmation prompt.

Review this skill before installing if you want strict control over publishing or deleting posts. It appears intended for Bear Blog management, but you should require explicit approval before publish, unpublish, edit, or delete actions, especially because the example deletion flow bypasses the site confirmation prompt.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used in a logged-in session, the agent could delete a Bear Blog post without the normal in-page confirmation safeguard.

Why it was flagged

The documented delete workflow bypasses the site confirmation dialog before clicking a destructive Delete button.

Skill content
### Delete Post

# Override confirm and click delete ... "fn": "() => {\n    window.confirm = () => true; ... if (btn) { btn.click(); return 'deleted'; }"

Recommendation

Require explicit user confirmation naming the exact post before deletion, and avoid overriding confirmation dialogs unless the user has specifically approved that action.

What this means

After login, the agent can act as the Bear Blog account for supported post-management actions.

Why it was flagged

The skill depends on a persistent authenticated Bear Blog browser session, giving browser actions ongoing authority over the user's blog account.

Skill content
Bear Blog requires browser-based authentication. Log in once via the browser tool, and cookies will persist.

Recommendation

Use this only with an account you intend the agent to manage, and review browser session/cookie persistence if sharing the environment.

What this means

Raw browser evaluation can make account changes more directly than ordinary clicks and form fills.

Why it was flagged

The examples use browser JavaScript evaluation inside the authenticated Bear Blog page. This is documented and related to browser automation, but it can bypass normal UI interactions.

Skill content
POST /act {
  "kind": "evaluate",
  "fn": "() => { document.getElementById('publish-button').click(); return 'saved'; }"
}

Recommendation

Prefer normal browser fill/click actions where possible, and reserve evaluate snippets for cases the user has reviewed.