Kleinanzeigen helper
AdvisoryAudited by Static analysis on May 4, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user confirms the wrong target or broad selector, the agent could publish, update, delete, download, or extend listings on the connected Kleinanzeigen account.
The skill can invoke tools that change or retrieve marketplace listings, but it explicitly requires summarizing the action and waiting for user confirmation.
For publish, update, delete, download, or extend, summarize the exact non-secret action and wait for explicit user confirmation.
Before approving a tool call, verify the exact listing, selector, ad ID, and intended action; avoid broad selectors unless you really want a broad operation.
The connected local bot may act with the permissions of the user's Kleinanzeigen account, even though the skill tells the agent not to handle credentials directly.
The workflow depends on an already configured local account/session, but the skill instructs the agent not to request or expose those credentials or session materials.
Do not ask for, read, print, summarize, store, inspect, or infer Kleinanzeigen usernames, passwords, SMS or 2FA codes, cookies, browser profiles, session data, or credential-bearing config files.
Use this only with the intended local bot configuration and account; keep credentials, cookies, config files, browser profiles, and 2FA codes out of chat.
Your actual listing operations depend on the separately installed bot and plugin, whose code and configuration are not reviewed in this skill package.
The skill itself is instruction-only, but it relies on external software that is outside these artifacts and must be trusted separately.
Install and configure [kleinanzeigen-bot](https://github.com/Second-Hand-Friends/kleinanzeigen-bot) locally first. Install [KleinClaw](https://clawhub.ai/plugins/kleinclaw), then enable it
Review and install the external bot and KleinClaw plugin from trusted sources, and understand their configuration before enabling them.
Listing text, filenames, paths, and non-redacted ad details may be used in the conversation when helping draft or verify ads.
The agent may retrieve local ad configuration content as context for drafting or verification, but the instructions scope it to configured ad roots and redact contact fields by default.
Use `kleinanzeigen_read_ad` for one existing ad config under configured `adRoots` when examples are useful. Contact fields are redacted by default.
Check sanitized summaries before proceeding and avoid asking the agent to include private contact details or unrelated local files.