Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
mtop-devtools-socket
v1.0.0 · Calls the Mtop DevTools browser extension's capabilities through a local socket (fetch requests/logs/tracking events, set mocks, fetch API schemas, proxy HTTP requests, browser operations and page awareness)
⭐ 0 · 38 · 0 current · 0 all-time
by 徒言 (@f-loat)
MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description state a local-socket interface to the Mtop DevTools extension; the SKILL.md and README describe Native Messaging, a CLI, and browser control features (requests, logs, mocks, proxy, page ops) that align with that purpose.
Instruction Scope
SKILL.md instructs installation of a native host and CLI and gives commands that will: execute arbitrary JS in page context (page_eval), read page DOM/accessible snapshot, capture screenshots, read and use browser cookies for signing/proxying, upload local files, and add declarativeNetRequest rules (redirect/modify/block). These are expected for a DevTools control tool but are powerful and enable data access/exfiltration if misused.
Install Mechanism
This is an instruction-only skill (no install spec). It tells users to run npm -g install of @mtop-devtools/native-host and @mtop-devtools/client. That is a reasonable install approach for a native messaging host but implies installing third-party global packages and registering a native host manifest (may require elevated privileges and writing system dirs). The skill does not auto-download or execute code itself.
Credentials
The skill requires no environment variables or external credentials in metadata. However runtime behavior explicitly depends on sensitive browser state: it reads cookies (_m_h5_tk, m_tk, _tb_token_) to sign/send mtop requests, automatically attaches browser cookies to proxied requests, and can be directed to read local file paths for uploads or payload files. These sensitive accesses are coherent with the skill's purpose but should be treated as high-privilege operations.
Persistence & Privilege
The skill is not always:true and does not request permanent platform-level presence. It recommends installing a native host and CLI which will register a native messaging host and a global command via npm -g; that is appropriate for the stated functionality and is performed by the user during setup.
Assessment
This skill appears to do what it says: control a browser DevTools extension via a local native host. Before installing or using it, be aware that it deliberately accesses sensitive browser state and local files: it can read cookies (used for signing/auth), capture page contents and screenshots, run arbitrary JS in pages, proxy requests with browser cookies, add redirect/modify rules, and upload local files. Only install the npm packages if you trust their publisher; registering a native messaging host may require sudo and writes system config. Avoid using this on accounts or pages containing sensitive data unless you trust the extension and CLI source; review the @mtop-devtools packages on npm/GitHub and the browser extension source if possible. If you will grant agent autonomy, consider restricting its scope because these capabilities could be misused to exfiltrate data or redirect traffic.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97avjz7v35k671hv4e7yt5avs84rtmk
