Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ffagen Minimax Vision Scraper

v1.0.0

An advanced web-scraping skill built on Playwright screenshots plus MiniMax image understanding. It bypasses anti-scraping measures by having the AI interpret the screenshot content directly.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious
high confidence
Purpose & Capability (flagged)
The name and description (Playwright screenshots + MiniMax VLM) match the code: the script screenshots a page and posts the image to a MiniMax API. However, the registry metadata claims no required environment variables or binaries, while SKILL.md and the scripts rely on a system Google Chrome installation and an API key (MINIMAX_API_KEY). The script hardcodes an API key and uses a macOS-specific Chrome path, which is inconsistent with the 'no requirements' claim.
Instruction Scope (flagged)
SKILL.md and the scripts limit runtime actions to browsing, screenshotting, and POSTing the image to api.minimaxi.com. That is consistent with the stated purpose, but screenshots can contain sensitive data, and the skill uploads full-page screenshots to a third-party API. SKILL.md neither warns about this risk nor requires the user to supply their own API key (the code falls back to an embedded key).
Install Mechanism
There is no install spec in the registry, but package.json and package-lock.json are present and depend only on playwright from npm, a standard dependency. There are no downloads from unusual URLs or archives. Install risk is moderate and expected for a Playwright-based tool.
Credentials (flagged)
The code uses sensitive environment variables (MINIMAX_API_KEY, MINIMAX_API_HOST), but the registry lists none. Worse, the script contains a hardcoded API key string that is used whenever MINIMAX_API_KEY is not set. Requiring an API key to call an external service is expected, but embedding an undeclared fallback secret is inappropriate: it may be someone else's key being abused, or a leaked secret.
Persistence & Privilege
The skill does not request persistent or always-on privileges, does not modify other skills' configs, and does not require elevated system privileges. It only launches a local browser instance.
Scan Findings in Context
[embedded_api_key] unexpected: The script contains a long hardcoded string starting with 'sk-cp-...' that is used as a fallback MINIMAX_API_KEY. Hardcoded API keys are unexpected in a user-facing scraper and are a data-trust and exfiltration risk.
What to consider before installing
This skill takes screenshots of target pages and uploads them to a third-party Vision API. Before installing:
1. Do not rely on the embedded API key. Remove it or supply your own MINIMAX_API_KEY; the built-in key could be abused or revoked, and using it means your screenshots are processed under someone else's account.
2. Assume any screenshot may contain sensitive data (logins, tokens, personal data); avoid running the skill against pages where you are authenticated or that contain secrets.
3. Update the macOS-specific Chrome path if you are not on macOS, or let Playwright manage its own browser.
4. If you still plan to use it, review the code, replace or remove the embedded key, point MINIMAX_API_HOST at a trusted endpoint, and run it in an isolated sandbox until you trust its behavior.
Because of the embedded key and the undeclared environment requirements, treat this skill as suspicious and proceed only after remediation.


Tags: ai, latest, minimax, vision, web-scraping
