Skill v1.0.0
ClawScan security
Cn Web Screenshot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 30, 2026, 5:20 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill is internally consistent: it is a Playwright-based webpage screenshot tool that matches its description and does not request unrelated credentials or system access.
- Guidance: This skill appears to do exactly what it says, but be aware of practical risks: it will fetch any URL you provide (including internal network addresses), so avoid pointing it at sensitive internal services if the agent has network access (SSRF/internal resource exposure risk). Playwright will download Chromium and use CPU/memory to render pages — run in a sandboxed environment if you are concerned about untrusted pages. The default output path is /tmp and filenames are predictable; if screenshots may contain sensitive content, store them in a secure location. If you operate in a sensitive environment, review the script and run installs from trusted package sources before enabling the skill.
Review Dimensions
- Purpose & Capability: ok. Name/description, SKILL.md, and the included Python script all match: the tool launches Chromium via Playwright, navigates to a provided URL, waits, and saves a PNG screenshot. No unrelated APIs, binaries, or credentials are requested.
- Instruction Scope: ok. Runtime instructions are focused: obtain a URL, call scripts/web_screenshot.py, and return the screenshot path. The script only performs network requests to the provided URL and writes a PNG (default /tmp/screenshot_*.png). It does not read other files, environment variables, or external endpoints beyond visiting the user-supplied URL.
- Install Mechanism: ok. Installation guidance uses pip install playwright and playwright install chromium — standard, known tools. There is no download from untrusted URLs or obscure install steps in the bundle.
- Credentials: ok. The skill requires no environment variables, credentials, or config paths. The script does not attempt to access secrets or other services, so requested privileges are proportional to a screenshot utility.
- Persistence & Privilege: ok. always is false and the skill does not modify agent/system configuration or request persistent privileges. Autonomous invocation is allowed (platform default) but not combined with elevated privileges here.
