Skill v1.0.0
ClawScan security
Douyin search video full-volume analysis tool, supports QR-code login and automatic image verification · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review Mar 14, 2026, 2:02 AM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: The package mostly does what it claims (Douyin scraping + automated CAPTCHA solving) but includes anti-detection/CAPTCHA-bypass instructions and hard-coded absolute paths for session/debug files that are disproportionate and raise privacy/operational concerns.
- Guidance: This package implements a full Douyin scraping pipeline including automated CAPTCHA solving and anti-detection tricks. Before running/installing:
  1. Understand legal/ToS risk: automated scraping and CAPTCHA circumvention can violate Douyin's terms and local law.
  2. Inspect and edit hard-coded paths: captcha_solver.py has SESSION_FILE and SAVE_DIR set to /Users/hhao/...; change these to a safe working directory or remove absolute paths so files are written where you expect.
  3. Treat output files as sensitive: douyin_session.json contains cookies/session tokens and debug screenshots may expose private data. Store them in an isolated location and delete them when done.
  4. Run in an isolated environment (VM/container) and avoid using privileged accounts.
  5. If you don't want automated CAPTCHA bypass on your machine, remove/disable the captcha-solver logic and handle verification manually.
  6. If you need to share results, scrub session files first.
  Overall the code is coherent with its stated purpose but contains operations (CAPTCHA bypass, anti-detection) and unexpected absolute paths that warrant caution.
Review Dimensions
- Purpose & Capability
- note: The skill's name/description align with the code: Playwright-based QR login, API interception, detail enrichment, CAPTCHA solving, analysis and HTML report generation. Requiring browser automation, image-processing libs, and cookie storage is consistent with the stated purpose. Minor inconsistency: some scripts (captcha_solver.py) use absolute paths (/Users/hhao/...) rather than the working directory the rest of the tool expects, which is unexpected and should be corrected.
- Instruction Scope
- concern: SKILL.md and scripts explicitly instruct anti-detection measures (remove navigator.webdriver, Chromium args), automated CAPTCHA bypass (screenshot, template matching, simulated human slide paths), intercepting API responses and saving session cookies and screenshots. Those behaviors go beyond benign 'data collection' (they actively bypass protection mechanisms) and also instruct saving potentially sensitive artifacts (cookies, debug screenshots). The instructions do not attempt to access unrelated system secrets, but the CAPTCHA bypass + anti-detection gives the skill broad sensitive capabilities and operational risk.
- Install Mechanism
- ok: No installer in registry; SKILL.md instructs creating a venv and pip-installing playwright and several image/analysis libs and running `playwright install chromium`. This is proportionate for a Playwright-based scraper that uses image processing (scikit-image, scipy, pillow). There is no remote arbitrary download/install step in the registry metadata.
- Credentials
- concern: The skill declares no required env vars or credentials (reasonable). However, captcha_solver.py contains hard-coded absolute SESSION_FILE and SAVE_DIR paths pointing to the author's local filesystem (/Users/hhao/WorkBuddy/...), which is disproportionate and problematic: code may attempt to read/write files outside the user's working directory, save screenshots and cookies to unexpected locations, and reveal the developer's local path. The scripts also save session cookies (douyin_session.json) and debug images, which are sensitive and should be placed under the user's explicit work_dir.
- Persistence & Privilege
- ok: Flags show always:false and no special platform privileges. The skill writes session and output files to disk (expected). It does not attempt to change other skills or system-wide agent settings. Autonomous invocation is allowed by default (normal); weigh that together with the CAPTCHA bypass capability when deciding whether to enable.
