Riddle
v1.1.0
Hosted browser automation API for agents. Screenshots, Playwright scripts, workflows — no local Chrome needed.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name/description (hosted browser API) matches the actions described (screenshots, Playwright scripts, workflows). However, the registry metadata lists no required environment variables or primary credential, while SKILL.md explicitly instructs you to obtain and configure a RIDDLE_API_KEY in OpenClaw config — this is an internal inconsistency. The install step (openclaw plugins install @riddledc/openclaw-riddledc) is consistent with a node plugin for this purpose.
Instruction Scope
SKILL.md tells the user/agent to install a plugin, add it to plugins.allow (editing ~/.openclaw/openclaw.json), restart the gateway, and configure an API key. It also documents passing cookies, localStorage, or custom headers to Riddle to access authenticated pages — a legitimate feature but one that enables sending session tokens and other sensitive data to an external service. The document claims the plugin cannot read conversation history or send the API key elsewhere, but those are claims in prose and cannot be verified from this instruction-only skill.
Install Mechanism
The SKILL.md points to installing a node plugin (@riddledc/openclaw-riddledc) via the OpenClaw CLI (npm-backed). Pulling a plugin from npm/GitHub is a common install path, but the registry metadata lists Source: unknown and no package/code is included in the skill bundle to audit. That makes the install a moderate risk until you verify the actual package contents, provenance, and checksums referenced in the README.
Credentials
The metadata declares no required env vars or primary credential, yet the instructions require a RIDDLE_API_KEY to be stored in OpenClaw config. SKILL.md also explains how to forward cookies/localStorage and custom headers to Riddle; these are legitimate for accessing private pages but are high-risk operations because they can expose session tokens, SSO cookies, or other secrets to the third-party service. The declared policy that only RIDDLE_API_KEY is needed (and only sent to api.riddledc.com) is a claim but not enforced by anything in this package.
Persistence & Privilege
The skill does not request always: true and is user-invocable (normal). However, installation requires adding the plugin to the global plugins.allow list and restarting the gateway (editing ~/.openclaw/openclaw.json), which modifies global agent configuration and makes the plugin available to future agent runs. That configuration change is expected for plugins but increases the blast radius if the plugin behaves maliciously; treat it as a permission grant that should be reviewed first.
What to consider before installing
Before installing:
1) Note the inconsistency: registry metadata lists no required credentials but the instructions require you to set a RIDDLE_API_KEY in OpenClaw config. Confirm where the key is stored and how it is used.
2) Do not add the plugin to plugins.allow or edit ~/.openclaw/openclaw.json until you have inspected the plugin package (npm @riddledc/openclaw-riddledc) or its GitHub repo and verified checksums/code.
3) Understand privacy risks: sending cookies/localStorage/headers to a third-party browser service will expose session tokens and possibly PII. Only do this with throwaway or explicitly consented credentials.
4) Verify the network allowlist and claims (api.riddledc.com only, no access to conversation history) by reviewing the plugin source and runtime policies; prose claims in SKILL.md are not proof.
5) If data sensitivity is high, prefer running Playwright locally or on an environment you control, or use ephemeral credentials and minimal scopes.
6) If you proceed, test with minimal, non-sensitive examples first and confirm the package's provenance (npm publisher, GitHub repo, CHECKSUMS.txt/SECURITY.md) and contact security@riddledc.com with any questions.

Like a lobster shell, security has layers — review code before you run it.
Tags: api, automation, browser, latest, playwright, scraping, screenshots
Runtime requirements
🔍 Clawdis
Install
Install Riddle plugin (@riddledc/openclaw-riddledc)
