Skill v1.0.0
ClawScan security
知乎抓取.SKILL · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 10:23 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code and runtime instructions match its stated purpose (Zhihu scraping plus optional Obsidian sync); it persists cookies and browser user data and scans local paths for Obsidian vaults. This behavior is coherent with the feature set but carries expected privacy and host risks you should review before running.
- Guidance: This skill appears to do what it says: automated scraping of Zhihu collections/articles and optional writing into an Obsidian Vault. Before installing or running it, consider the following:
  - Privacy: it persists login cookies (zhihu_cookies.json) and Playwright user data (chrome_user_data/) in the configured workspace. These contain authentication state (e.g., z_c0). If you care about account security, run in an isolated environment or avoid saving cookies.
  - File system reach: write_to_obsidian.py scans common drive locations to detect Vaults and may move images into a Vault. If you have sensitive files, set OBSIDIAN_VAULT explicitly or run the script with a dedicated, empty Vault path to avoid unexpected moves.
  - Network & dependencies: you must pip install the requirements and run 'playwright install chromium' (Chromium will be downloaded); do this in a controlled Python environment (venv) if desired.
  - Review: if you're uncomfortable, inspect or run the scripts yourself (they are plain Python), or run them with no cookie file to limit scraping to public content.

  If you decide to use it: set OPENCLAW_WORKSPACE to a safe directory you control, explicitly set OBSIDIAN_VAULT when syncing, and inspect zhihu_cookies.json after login (a minimal inspection sketch follows this list). If you require higher assurance, run the skill inside a sandboxed VM or container.
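The post-login cookie check recommended above can be done with a few lines of Python. This is a minimal sketch, assuming zhihu_cookies.json uses Playwright's cookie-export format (a JSON list of objects with name, domain, and expires fields); the exact layout the skill's scripts write may differ, and the workspace path below is a placeholder:

```python
import json
from datetime import datetime, timezone
from pathlib import Path

# Placeholder path; point this at the zhihu_cookies.json inside your OPENCLAW_WORKSPACE.
cookie_file = Path("~/openclaw-workspace/zhihu_cookies.json").expanduser()

# Print cookie names and expiry only, never values, so the sensitive
# z_c0 session token is not echoed to the terminal or shell history.
cookies = json.loads(cookie_file.read_text(encoding="utf-8"))
for c in cookies:
    expires = c.get("expires", -1)
    expiry = (
        datetime.fromtimestamp(expires, tz=timezone.utc).isoformat()
        if expires and expires > 0
        else "session"
    )
    flag = " <- login session token" if c.get("name") == "z_c0" else ""
    print(f"{c.get('name')}: domain={c.get('domain')} expires={expiry}{flag}")
```

If the file lists z_c0 or other session cookies, treat it like a password: restrict read access to the workspace directory and delete the file when you are done scraping.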
Review Dimensions
- Purpose & Capability (ok): Name and description (Zhihu collection and article scraping, Obsidian export) align with the provided scripts. The repository contains scraping (API/Playwright), cookie persistence, resume/progress bookkeeping, image download, and Obsidian-sync code, all expected for this purpose.
- Instruction Scope (note): SKILL.md and the scripts instruct the user to install the requirements and Playwright Chromium and to run the scripts under scripts/. They reference and use OPENCLAW_WORKSPACE, OBSIDIAN_VAULT (and its alias ZHIHU_OBSIDIAN_VAULT), and the optional ZHIHU_VERIFY_URL. The skill reads/writes cookie files, browser user data, article markdown, and images, and can open interactive browser windows. These actions are within the scope of scraping but are sensitive (persisting login cookies and user data).
- Install Mechanism (ok): There is no automated install spec in the registry; SKILL.md tells the user to pip install -r scripts/requirements.txt and run 'playwright install chromium'. Dependencies are standard (requests, bs4, playwright). Playwright will download Chromium, which is expected for a headless-browser scraper. No obscure external download URLs or archive extracts were observed.
- Credentials (note): No registry-required credentials are declared (none expected). The scripts optionally read/write the environment variables OPENCLAW_WORKSPACE, OBSIDIAN_VAULT / ZHIHU_OBSIDIAN_VAULT, and ZHIHU_VERIFY_URL. They also scan common filesystem locations (including drive roots) to detect Obsidian vaults and may move images into Vault folders; a sketch of this resolution logic appears after this list. These behaviors are consistent with Obsidian sync but increase filesystem reach and involve sensitive local authentication state (the z_c0 cookie).
- Persistence & Privilege (note): The skill is not force-enabled (always: false). It intentionally persists session artifacts: zhihu_cookies.json and a Playwright user_data directory under the workspace. Persisting cookies and browser user data is required to maintain login state for scraping, but it means long-lived sensitive data is stored on disk; review the workspace location and its access permissions. A sketch of this persistent-context pattern also follows the list.
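The filesystem reach described under Instruction Scope and Credentials most likely comes from resolution logic along these lines. This is a hedged reconstruction, not the skill's actual code: the environment-variable precedence, the candidate scan roots, and the use of a .obsidian marker directory are all assumptions:

```python
import os
from pathlib import Path

def resolve_vault() -> Path | None:
    """Pick an Obsidian vault: explicit env vars first, then a filesystem scan."""
    # Explicit configuration wins (OBSIDIAN_VAULT, with ZHIHU_OBSIDIAN_VAULT as an alias).
    for var in ("OBSIDIAN_VAULT", "ZHIHU_OBSIDIAN_VAULT"):
        value = os.environ.get(var)
        if value:
            return Path(value)

    # Otherwise scan common locations for a directory containing ".obsidian".
    # These candidate roots are illustrative; the real script may look elsewhere,
    # including drive roots, which is what widens its filesystem reach.
    candidates = [Path.home() / "Documents", Path.home(), Path("D:/"), Path("E:/")]
    for root in candidates:
        if not root.exists():
            continue
        for marker in root.glob("*/.obsidian"):
            return marker.parent
    return None

workspace = Path(os.environ.get("OPENCLAW_WORKSPACE", Path.cwd()))
print("workspace:", workspace)
print("vault:", resolve_vault())
```

Because the fallback walks real directories on your drives, setting OBSIDIAN_VAULT explicitly (as the Guidance recommends) is the simplest way to keep the script away from unrelated folders.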
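The persistence noted above follows Playwright's standard persistent-context pattern. Below is a minimal sketch of how a scraper keeps login state across runs; the chrome_user_data/ path and the headless setting are assumptions about this skill's configuration:

```python
from pathlib import Path
from playwright.sync_api import sync_playwright

# Everything the browser stores (cookies, local storage, cache) lands in this
# directory and survives across runs; that is exactly why it is sensitive.
user_data_dir = Path("chrome_user_data")

with sync_playwright() as p:
    context = p.chromium.launch_persistent_context(str(user_data_dir), headless=False)
    page = context.new_page()
    page.goto("https://www.zhihu.com")
    # After a manual login here, the session cookie (z_c0) ends up inside
    # user_data_dir and is reused the next time this context is launched.
    context.close()
```

Any process that can read that directory can effectively reuse the logged-in session, so apply the same file-permission caution as for zhihu_cookies.json.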
