Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Business Opportunity Screenshot
v1.0.0
Generate a business opportunity Skills report with ClawHub data, open it in Chromium, and capture a full-page screenshot saved to the output directory.
by xingxiuye@jakliao
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description match the behavior: the script calls clawhub, builds an HTML report, and uses puppeteer-core to capture a screenshot. However, the registry metadata declares no required binaries, environment variables or credentials, while SKILL.md and the script require the clawhub CLI, chromium-browser, DISPLAY (WSL2), and an npm dependency. That mismatch (nothing declared, yet several requirements at runtime) is incoherent.
Instruction Scope
SKILL.md and scripts instruct running shell commands (clawhub search/inspect, launching Chromium with --remote-debugging-port) and write output under a hardcoded workspace path (/home/xiaoduo/.openclaw/workspace-product). The script executes shell commands with execSync (15s timeout). The hardcoded absolute path and use of remote debugging broaden scope beyond a simple screenshot tool and could fail or misbehave on other hosts.
Install Mechanism
There is no formal install spec, but package.json/package-lock include puppeteer-core. SKILL.md tells users to run npm install manually. This is an inconsistency: dependencies exist but installation is left to the user. The package-lock pulls puppeteer-core and related packages from public npm (npmmirror registry), which is expected but requires network install; no direct downloads from suspicious URLs were found.
Credentials
The skill requests no credentials, which is appropriate. But it implicitly requires environment-specific items: clawhub CLI, chromium-browser, DISPLAY (WSL2), and a writable workspace at a specific absolute home path. Requiring a specific user's home path is disproportionate and fragile — it can expose or overwrite files in that location if present.
Persistence & Privilege
The skill does not request always:true and does not declare system-wide persistence. It runs on demand. One operational risk: launching Chromium with --remote-debugging-port opens a local debug port (9222) which, although bound locally, increases the attack surface for as long as the browser is running.
What to consider before installing
This skill appears to do what it says, but there are several red flags to consider before installing:
(1) It assumes the clawhub CLI and chromium-browser are installed and requires you to run npm install puppeteer-core manually — the package metadata did not declare these requirements.
(2) The script uses a hardcoded workspace path (/home/xiaoduo/.openclaw/workspace-product) for reading/writing output — on your system this may point to a different user or not exist; it could overwrite files if that path exists.
(3) It launches Chromium with --remote-debugging-port=9222 and connects puppeteer to it; this opens a local debug port while running and increases risk.
(4) The code executes shell commands (clawhub) via execSync; review these commands and outputs if you care about confidentiality.
Recommendations: inspect the scripts locally, run the skill in an isolated environment (container or VM), adjust the workspace/output paths to a safe directory, ensure you trust the clawhub CLI source, and only run npm install in a controlled environment. If you need higher assurance, ask the author for an install spec and for removal of hardcoded paths.
Patterns worth reviewing
scripts/screenshot.js:41: Shell command execution detected (child_process).
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.