Playwright Scraper Skill 1.2.0

Security checks across malware telemetry and agentic risk

Overview

This is a real Playwright scraping skill, but it is built around bypassing anti-bot protections and can save captured page content to arbitrary local paths without enough guardrails.

Install only if you are authorized to automate the target sites. Run it in an isolated environment, avoid logged-in or sensitive pages, set output paths to a safe directory, clean up screenshots and saved HTML, and keep Playwright/Chromium updated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence: 90%
Finding
The README explicitly promotes anti-bot evasion techniques and artifact collection (screenshots/HTML saving) but does not warn about privacy, legal, consent, or retention risks. In an agent skill context, this can normalize scraping protected sites and storing potentially sensitive page contents, increasing the chance of unauthorized data collection or policy violations.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README explicitly promotes anti-bot evasion techniques such as hiding automation fingerprints and using stealth scraping, but provides no warning about legal, privacy, or acceptable-use implications. In the context of a scraping skill, this increases the chance that users will deploy it against protected targets in ways that violate site policies, trigger abuse, or facilitate unauthorized data collection.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation encourages saving screenshots and full HTML locally without warning that scraped pages may contain personal data, session-dependent content, or other sensitive information. This can lead to unintended retention of confidential material on disk, especially when used in shared environments or automated pipelines.

Missing User Warnings

Medium
Confidence: 91%
Finding
The stealth scraper advertises output of screenshots and full HTML files but does not warn that these artifacts may contain sensitive page content, session-dependent data, personal information, or copyrighted material. In a scraping skill specifically designed to bypass anti-bot protections, silent disk persistence increases the chance of collecting and retaining sensitive data without informed user consent.

Missing User Warnings

Medium
Confidence: 94%
Finding
The environment-variable examples show how to enable SCREENSHOT_PATH and SAVE_HTML but provide no privacy, legal, or data-handling warning. Because the skill is built for anti-bot evasion and scraping of protected sites, these examples materially lower the barrier to storing potentially sensitive content to disk in ways users may not fully appreciate.

Missing User Warnings

Medium
Confidence: 89%
Finding
The README explicitly demonstrates scraping an anti-bot protected site and shows features for saving screenshots and HTML, while later discussing login/cookie workflows and proxy rotation without any guardrails about authorization, privacy, or lawful use. In a scraping skill, this materially lowers the barrier to bypassing site protections and collecting potentially sensitive page content, making misuse more likely even if the file itself is documentation rather than executable code.

VirusTotal

64/64 vendors flagged this skill as clean.
