CapMonster CAPTCHA Solver
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is clear about its purpose, but that purpose is to automate bypassing CAPTCHA and Cloudflare Turnstile checks during browser automation.
Install only if you have a legitimate, authorized need to solve CAPTCHAs, such as testing systems you control. Do not use it to bypass third-party anti-bot protections without permission, and be aware that it uses a paid API key and shares target site details with CapMonster Cloud.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this can violate website terms, trigger account or IP blocks, enable abusive automation, and spend paid CapMonster credits.
The script is designed to programmatically place solver tokens into CAPTCHA and Cloudflare Turnstile response fields, which can bypass third-party human-verification controls during automation.
gTextarea.value = TOKEN; ... const cfInput = document.querySelector('[name="cf-turnstile-response"], input.cf-turnstile-response'); if (cfInput) { cfInput.value = TOKEN; }
Only use CAPTCHA solving on systems you own or are explicitly authorized to test, and require clear user approval before solving or injecting tokens.
The agent may use a paid CapMonster account/key; users need to understand cost and account exposure.
The skill requires a provider credential even though the registry metadata lists no required environment variables or primary credential.
- **API Key**: `${CAPMONSTER_API_KEY}`
Declare the CapMonster API key in metadata and ensure users provide a narrowly scoped key where possible.
A user may need unreviewed local code or a different helper implementation to use the Python workflow.
The documentation references a helper client and developer-local path that are not present in the provided manifest, creating a provenance/reproducibility gap if a user follows those instructions.
**Python Client**: `tools/capmonster-cloud/capmonster_api.py` ... sys.path.insert(0, '/Users/eason/clawd/tools/capmonster-cloud')
Include the referenced helper code or remove the path-specific instructions; document dependencies explicitly.
Running the scripts on the wrong page or account session could change form fields or page behavior.
The skill expects JavaScript execution inside the active browser page. This is purpose-aligned for browser automation, but it means the agent can inspect and modify page DOM state.
Copy-paste into browser console or use via browser action=act evaluate
Run browser-evaluate scripts only on intended pages and review the target before injection.
CapMonster can learn which sites and CAPTCHA challenges the user is automating.
The workflow sends the target website URL and CAPTCHA sitekey to CapMonster Cloud. This is disclosed and purpose-aligned, but it is still an external data flow.
curl -s -X POST https://api.capmonster.cloud/createTask ... "websiteURL": "$WEBSITE_URL", "websiteKey": "$SITEKEY"
Avoid using this on sensitive/private pages and disclose the external data sharing to users.
