Skill v1.0.0

ClawScan security

Ganidhuz-FoxX · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 8:06 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (automating Firefox to browse X using injected cookies); it reads and writes your local Firefox cookies and controls Firefox, which is sensitive but coherent with the stated functionality.
Guidance
This skill is coherent with its goal but requires strong caution: it reads your Firefox profile and exports live X/Twitter session cookies to disk, and it may terminate Firefox to copy the cookie DB. Only run it on a machine you fully control (not shared or CI), inspect the scripts yourself, and install Playwright in an isolated environment. After use, securely delete the exported cookie file (default ./secrets/x-cookies.json) and any screenshots or storage_state files. Consider creating a dedicated, disposable Firefox profile for this purpose and avoid running the export on a profile containing other important accounts. If you are uncomfortable with local cookie extraction or pkill behavior, do not install/use this skill.

Review Dimensions

Purpose & Capability
ok: The name/description (browse X/Twitter via Firefox with cookie injection) aligns with the included scripts: a cookie exporter (reads Firefox's cookies.sqlite), a Playwright controller for Firefox, and a small environment check script. There are no unrelated credentials, external APIs, or surprising binaries requested.
Instruction Scope
note: The SKILL.md explicitly instructs the agent to extract cookies from the user's Firefox profile, kill Firefox (pkill -f firefox) before copying the DB, and run Playwright to drive Firefox. Those actions are necessary for the stated approach but are intrusive and access highly sensitive local data (session cookies). The instructions do not send cookies to remote endpoints; they store them locally.
Install Mechanism
ok: No install spec is provided (instruction-only). Playwright is required per README (pip install + playwright install firefox) but nothing is downloaded by the skill itself. All code is local and readable.
Credentials
note: The skill requests no declared environment variables, but the scripts will read the user's Firefox profile and cookies.sqlite (auto-detection includes snap and ~/.mozilla paths) and accept optional env vars (FIREFOX_PROFILE_PATH, FOXX_COOKIES_OUT). Accessing browser cookies is proportional to the feature but is high sensitivity and should be justified by the user before use.
Persistence & Privilege
note: The skill does not request always:true or system-wide privileges, but it does create local files (default ./secrets/x-cookies.json and validation screenshots) and will kill Firefox if running. Persisting session cookies on disk is risky (they can be reused to impersonate your session) and the skill may create profile directories or files if defaults are used.