Clawpod
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: clawpod Version: 0.1.7 The OpenClaw AgentSkill 'clawpod' is classified as benign. Its purpose is to fetch web content and search Google via a proxy service, which inherently requires network access. All instructions in SKILL.md and code examples in README.md consistently direct the agent to interact with the legitimate 'unblocker.joinmassive.com' API using the provided 'MASSIVE_UNBLOCKER_TOKEN'. There is no evidence of intentional harmful behavior such as data exfiltration to unauthorized endpoints, persistence mechanisms, or instructions for the agent to perform actions beyond the stated purpose. While the 'allowed-tools' permission for 'curl' is broad (`Bash(curl --proto =https *)`), it is necessary for the skill's function of accessing 'any website', and the skill's own instructions do not guide the agent to misuse this capability.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could help scrape or access sites in ways that violate site terms, legal restrictions, or expected access controls, and could consume the user's API credits.
The core capability is to bypass website anti-bot, CAPTCHA, and geo-restriction controls for arbitrary targets, which is high-risk and not bounded by authorization or acceptable-use guidance in the artifacts.
Read any website or search Google, even when sites block bots or are geo-restricted. Handles CAPTCHAs, JavaScript rendering, and anti-bot protection server-side via residential proxies.
Use only for content you are authorized to access, require explicit user confirmation for bypassing protections, and add clear guardrails about robots.txt, terms of service, paywalls, and prohibited targets.
Anyone with the token may be able to use the user's Massive account or credits.
A Massive API token is expected for this service, but pasting it into chat may expose the credential to the agent session or logs.
Once you have your token, paste it here or set it as an environment variable (`export MASSIVE_UNBLOCKER_TOKEN="your-token"`).
Prefer setting the token as an environment variable or secret, do not paste it into chat unless necessary, and rotate it if it is exposed.
Massive may see the URLs, search terms, and timing of the user's requests, which could be sensitive for private research or internal targets.
The target URL or search terms are sent to the external Massive Unblocker provider as part of the intended workflow.
https://unblocker.joinmassive.com/browser?url=<encoded-url> ... https://unblocker.joinmassive.com/search?terms=<encoded-terms>
Avoid sending confidential, internal, or personally sensitive URLs and search queries unless the user accepts the provider data exposure.
It may be harder to verify exactly which publisher revision or source commit this instruction-only skill came from.
The supplied registry metadata lists version 0.1.7, while the package metadata points to 0.1.3 with an empty commit, creating a provenance/version verification gap.
"latest": { "version": "0.1.3", "publishedAt": 0, "commit": "" }Verify the publisher and homepage before trusting the token workflow, and prefer packages with consistent version and source provenance.