Skill v1.0.0
ClawScan security
竞品数据定时监控 (Scheduled competitor data monitoring) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 12, 2026, 2:50 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and install script are coherent with its stated purpose (periodic web scraping, anomaly detection and notifications); it does what it claims and requests only expected resources, but review and operational caution are recommended (credentials in configs, global installs, scraping frequency).
- Guidance: This skill appears to be what it says: a web-scraping + anomaly-detection service that notifies via user-provided webhooks/email. Before installing or running it, consider:
  1) Run the install and Python packages inside a virtual environment (venv) rather than system-wide pip to avoid polluting your global Python environment.
  2) Keep notification credentials (SMTP password, webhook secrets) out of world-readable files; consider using a secrets manager or environment variables and edit the code/config to read them securely.
  3) Deploy the service on a dedicated host (not a machine with sensitive data) because it downloads browser binaries and stores screenshots/data locally.
  4) Set sensible scraping schedules and respect target sites' robots / terms of service to avoid being blocked or causing legal/abuse issues.
  5) Review the config and any webhook URLs you provide; the skill will POST alerts and attachments to whatever endpoints you configure, so ensure those endpoints are trusted.
  6) If you need stronger assurance, run a code audit or execute in an isolated environment (container) first.
Review Dimensions
- Purpose & Capability
  - ok: The name/description (competitor monitoring) matches the included code: scraper.py implements Playwright-based page scraping for the listed platforms, detector.py performs anomaly/burst detection, notifier.py posts alerts to configured channels, and monitor_service.py wires scheduling, scraping, persistence, and notifications. Declared requirements in SKILL.md (Python, Playwright/Selenium, network) align with the code. There are no unrelated credentials or unexpected external services hard-coded.
- Instruction Scope
  - ok: SKILL.md and README instruct the agent/user to run the provided scripts, edit JSON task configs, and place credentials/webhook URLs in config. The runtime instructions and code access only the expected local paths (assets/data, assets/screenshots, config file) and network endpoints provided in task notification configs. The instructions do not ask the agent to read arbitrary system files or environment variables beyond the config files.
- Install Mechanism
  - note: An install.sh is provided which installs Python packages globally (`pip install playwright schedule requests pandas`) and runs `playwright install chromium`, then copies the skill into a skills directory. This is a moderately invasive install (writes files to disk, downloads browser binaries). The sources used (PyPI and Playwright's browser installer) are standard, but the script performs global installs instead of recommending a virtualenv; this is operationally notable but not malicious.
- Credentials
  - note: The skill declares no required environment variables, which matches the repo. Notification and SMTP credentials are provided via the task configuration files (monitor_tasks.example.json). Storing webhook secrets, SMTP passwords, or API keys in plain JSON config is functional but risky; the skill does not attempt to access unrelated credentials or system secrets. Requesting no platform-level credentials is proportionate to its stated purpose, but users must supply notification/auth details in config (clearly sensitive).
- Persistence & Privilege
  - ok: `always:false`, and the skill does not claim or implement any mechanism to modify other skills or system-wide agent settings. It installs files into a skills directory and writes its own data (assets/data, assets/screenshots). That level of persistence is expected for a monitoring service; no elevated platform privileges or 'always included' behavior are present.
