Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
gjsw
v1.0.3国家税务总局 12366 纳税服务平台自动登录技能。当用户要求登录12366、国家税务总局、纳税服务平台时触发,会要求用户输入账号密码,然后自动打开Chrome浏览器完成登录。
⭐ 0· 75·0 current·0 all-time
by@edwn
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description, required binaries (python3 and Google Chrome), and use of Playwright + OCR align with an automated-login skill. Minor inconsistency: SKILL.md instructs 'playwright install chromium' but the script 'forces Google Chrome' — this is an implementation mismatch but not necessarily malicious.
Instruction Scope
SKILL.md explicitly asks for interactive username/password input and describes opening Chrome, OCR of captchas, and persisting a profile in ./chrome_profile — these are within the stated scope. The included Python script performs browser automation and OCR. However the provided script is truncated in the bundle review, so it's not possible to verify there are no additional actions (network calls, telemetry, or credential writes) in the remaining code.
Install Mechanism
No install spec in the registry; SKILL.md directs installing Python packages (playwright, ddddocr) and running 'playwright install chromium' — standard but will download browser binaries to disk. No arbitrary external download URLs were observed in the visible files.
Credentials
The skill requests no environment variables and prompts interactively for credentials, which is appropriate. It persists a Chrome user profile in ./chrome_profile and uses a remote debug port (9222) — these are proportionate to persistent login but have security implications (e.g., persistent cookies, potential exposure via remote debugging if misconfigured).
Persistence & Privilege
Skill is user-invocable and not always-on. It persists browser session state to ./chrome_profile (normal for avoiding repeated logins). It does not declare modifying other skills or system-wide configuration. The use of a fixed remote-debugging port is notable and should be reviewed to ensure it only binds to localhost.
What to consider before installing
This skill largely does what it says (automatically open Chrome, OCR captchas, and persist a browser profile), but exercise caution before entering your account password: 1) Review the full openclaw_login.py (the uploaded file was truncated in the review)—look for any network.post/requests/socket.connect or upload calls that would send credentials or screenshots off-host. 2) Be aware the skill stores session data in ./chrome_profile (cookies and logged-in session); if you don't want persistent sessions, remove or sandbox that directory. 3) The script uses a remote debugging port (9222); ensure Chrome is launched bound to localhost only so the port isn't exposed to the network. 4) Prefer running this code locally in a disposable environment (temporary user account or VM) if you decide to use it. 5) If you cannot audit the complete script, treat the skill as untrusted and avoid entering high-value credentials. If you want, provide the remainder of openclaw_login.py for a more definitive assessment.Like a lobster shell, security has layers — review code before you run it.
latestvk976xnjyyz3vzzr3ntnx1rns4n8430tg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔐 Clawdis
Binspython3, google-chrome