Xianyu Data Scraping (闲鱼数据抓取)
Security checks across malware telemetry and agentic risk
Overview
Review before installing: this skill uses stealth web scraping, account cookies, external uploads, scheduled background jobs, and unsafe shell-command construction.
Install only if you are comfortable with automated scraping and external uploads. Avoid curl|bash, inspect the code first, disable cron and upload unless needed, use a dedicated low-privilege Gitee token, avoid personal Xianyu cookies, and require fixes for the shell-command injection issue before using untrusted keywords.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or accidental keyword containing shell metacharacters could run commands on the user's machine under the agent's privileges.
The keyword comes from command-line/user input and becomes part of a filename that is later interpolated into a shell command. Quoting does not prevent shell substitution such as $() or backticks, so a crafted keyword can execute local commands.
const screenshotPath = path.join(screenshotDir, `xianyu-${keyword}.png`); ... execSync(`python3 ${pythonScript} "${item.screenshot}"`
Replace execSync shell strings with spawn/execFile argument arrays, sanitize filenames strictly, and reject shell metacharacters in user-provided keywords and config paths.
Using this skill may violate platform rules, trigger account restrictions, or cause scraping behavior the user did not intend to run at scale.
The advertised purpose is not just ordinary browsing automation; it explicitly aims to bypass the platform's anti-crawling controls.
Uses Playwright + OCR technology to break through Xianyu's anti-crawler measures
Only use with clear authorization and rate limits; avoid using personal cookies, and consider removing stealth/anti-detection behavior.
If the remote script is changed, replaced, or pointed at the wrong repository, installation can run arbitrary code on the user's machine.
The recommended install path executes an unpinned remote shell script directly, with no integrity check or reviewed source binding.
curl -sL https://raw.githubusercontent.com/your-username/xianyu-data-grabber/main/install.sh | bash
Do not use curl|bash. Download a pinned release or commit, verify checksums/signatures, and review the installer before execution.
The skill can keep scraping, generating reports, cleaning files, and potentially uploading data on a schedule after the initial installation.
The installer automatically appends scheduled jobs to the user's crontab rather than merely documenting optional scheduling.
(crontab -l 2>/dev/null || true; cat "$CRON_FILE") | crontab -
Make cron installation an explicit opt-in step, show the exact jobs before installing them, and provide a clear disable command.
A token or cookie placed in the config could allow repository writes and authenticated Xianyu browsing by the skill, including during scheduled runs.
The skill asks for a repository access token and a login session cookie; these grant account-level authority and are used by automated scraping/upload flows.
GITEE_TOKEN: Gitee personal access token ... XIANFU_COOKIE: Xianyu login cookie (optional, improves success rate)
Use a least-privilege token for a dedicated repository, avoid using personal session cookies when possible, remove credentials after use, and ensure the config file is chmod 600.
Captured pages or scraped data could be published or shared through Gitee when the user expected only local analysis.
Screenshots and extracted data can be sent to an external Gitee repository, including pages captured while an optional login cookie is loaded; repository visibility and upload confirmation are not tightly bounded.
Automatically saves screenshots (PNG format) ... Automatically uploads to a Gitee repository
Disable upload by default, require confirmation before each upload, clearly show the destination repository and visibility, and exclude any account-identifying screenshot content.
Users may underestimate where their screenshots and data will go and enable uploads without understanding the privacy tradeoff.
The privacy statement says data files are not uploaded to third parties, but the same document and feature set describe automatic upload to Gitee, an external service.
Automatically uploads to a Gitee repository ... Data files: stored locally, not uploaded to third parties
Correct the privacy section to state exactly what is uploaded, when, to which service, and how to disable it.
