Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

x-reader: Universal Content Fetching

v1.0.0

Universal content reader for WeChat/Bilibili/Twitter/YouTube/Xiaohongshu. Use when you need to fetch full article content from platforms that block simple HT...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (universal content reader) is plausible, but the SKILL.md references numerous specific components (Playwright browser fallback, Jina, yt-dlp, Groq Whisper, Telethon, feedparser, a Python venv and CLI) that are not declared in the registry metadata. Those components imply additional permissions, binaries, and credentials that a simple instruction-only reader should have declared.
Instruction Scope
The runtime instructions call for creating a browser session for platform logins (e.g., 'x-reader login xhs') and reference saving sessions for a browser fallback and an Obsidian vault path. That implies the agent will create and read local session files and may persist content to a user-specified vault — behavior not made explicit in the skill metadata and broader than a minimal fetch operation.
Install Mechanism
No install spec is provided (instruction-only), which reduces install-time risk, but the SKILL.md explicitly describes a Python venv and CLI paths where the tool is expected to be installed. The lack of an install script or declared package sources makes it unclear how those components get onto the system.
Credentials
The doc references an OBSIDIAN_VAULT env var and implies saved browser sessions and use of services (Telegram via Telethon, Groq models) that normally require API keys or credentials. Yet the skill declares no required env vars, credentials, or config paths — an under-declaration that could hide where sensitive tokens or cookies are stored or needed.
Persistence & Privilege
The skill is not 'always' enabled and is user-invocable. However, it states it will create a persistent venv and save browser sessions (cookies) and may write outputs to an Obsidian vault path. Those persistent artifacts and session files are within the agent environment and should be explicitly disclosed.
What to consider before installing
This skill's README describes multiple components (Playwright, yt-dlp, Telethon, Jina, Groq Whisper), saved browser sessions, and an OBSIDIAN_VAULT path but declares no installs, binaries, or required credentials. Before installing or running it, ask the publisher for: (1) the full install steps and package sources (pip package name, GitHub release, etc.); (2) a list of required binaries and Python packages; (3) exactly what files/paths are created and where session cookies or tokens are stored; (4) what environment variables or API keys are required (Telegram, Groq, YouTube cookies, etc.); (5) whether any data is sent to third-party services. If you can't get that, run it only in a disposable sandbox or avoid installing it. If you proceed, inspect the created venv and session files and do not reuse sensitive credentials without reviewing code.

Like a lobster shell, security has layers — review code before you run it.

Tags: bilibili, content-fetch, latest, twitter, wechat, xiaohongshu
