Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

opencli

v1.0.1

Fetch data from social, video, and news websites using OpenCLI by reusing Chrome login sessions without API keys.

by 张贝 @hellotombruce
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (fetch website data by reusing Chrome login sessions) align with the SKILL.md, which instructs the user to use @jackwener/opencli with Browser Bridge and lists many site-specific commands. However, the command set includes active actions (send messages, control desktop chat apps, download video) in addition to read-only fetches; that breadth is larger than the simple 'fetch data' description suggests.
Instruction Scope
The runtime instructions direct dumping the DOM, reading chat messages, sending messages, and interacting with desktop and web app UIs via the Browser Bridge; these operations can access and exfiltrate authenticated or private content. The skill expects reuse of Chrome sessions (i.e., access to cookies and session state), which is functionally necessary for its purpose but also grants broad access to any logged-in sites. The SKILL.md does not place clear limits or safeguards on these powerful operations.
Install Mechanism
This is an instruction-only skill (no install spec in the registry). It tells users to run `npm install -g @jackwener/opencli` and to install the Browser Bridge Chrome extension. Installing a global npm package and a browser extension is a typical path for this functionality but carries risk (supply-chain/browser extension permissions). The SKILL.md also references additional runtime tooling (e.g., yt-dlp for downloads) that is not formalized in the metadata.
Credentials
The skill requests no environment variables or credentials, but its operation depends on accessing your Chrome login sessions via a browser extension — effectively granting access to your authenticated accounts. That access is proportionate to scraping account-scoped data, but the SKILL.md does not enumerate or limit which sites, nor does it require explicit per-site consent in the instructions. Also, some commands mention external binaries (yt-dlp) which are not declared in the top-level requirements.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform-level persistence; it is instruction-only and would operate only when invoked. It also does not declare modifications to other skills or system-wide config.
What to consider before installing
This skill is coherent with its stated goal (scraping sites by reusing your Chrome session) but that same mechanism gives it potential access to all data in any logged-in browser session. Before installing: (1) verify the npm package and author (@jackwener/opencli) — review the package source/release on npm/GitHub; (2) review the Browser Bridge extension's permissions and provenance; (3) avoid using this with highly sensitive accounts or run it in a dedicated browser profile with only the accounts you intend to expose; (4) be aware some commands perform write actions (send messages, downloads) and additional tools (yt-dlp) may be required; (5) prefer read-only usage and test in a controlled environment. If the publisher or upstream project is unknown or you cannot audit the code and extension, consider this higher risk and treat it accordingly.
