Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Amazon Scraper

v3.1.0

High-performance containerized web scraper (Docker + Crawlee + Playwright). Use when user mentions any of these: 爬虫, 爬取, 抓取, 采集, 数据采集, 爬数据, 抓数据, 获取数据, scrape...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description, SKILL.md and code files align: the handlers implement Amazon, YouTube, and generic scraping using Crawlee + Playwright in Docker. However, the registry metadata reported "Required binaries: none" while SKILL.md and package.json explicitly require Docker and heavy Node deps (crawlee, playwright). That mismatch between declared requirements and actual runtime needs is a coherence issue.
Instruction Scope
SKILL.md and the JS handlers instruct building and running a Docker image and describe precise scraping actions (clearing cookies, intercepting network requests, UI clicks, evaluating page JS, writing JSON outputs). Those instructions stay within the scraping purpose. Two points to note: SKILL.md references agent browser_* commands (browser_navigate/browser_console) as alternative workflows which are agent-level capabilities — this is an instruction for a human/operator/agent to run, but it broadens the ways the agent might interact with pages. Also the code intercepts network requests (e.g., youtube timedtext) which is expected for transcript capture but worth noting.
Install Mechanism
There is no automated install spec (instruction-only install), which reduces some risk, but package.json lists heavy dependencies (crawlee, playwright) and SKILL.md expects you to docker build the image locally. Building the image will pull and install those packages and browser binaries. The skill does not download code from third-party URLs at install time, but building the image will fetch dependencies from npm and Playwright release artifacts (normal but heavy).
Credentials
The skill does not request environment variables, credentials, or configuration paths. It writes output to a user-specified directory (~/scrapes by default) via Docker bind mount. No secrets or unrelated system config are requested by the skill.
Persistence & Privilege
The always flag is false and the skill is user-invocable only. It does not request permanent platform privileges or attempt to modify other skills or global agent settings. Its persistence is limited to the containers you build and run locally.
Scan Findings in Context
[network-request-interception] expected: Handlers attach page.on('request') to capture youtube timedtext API URLs; this is required to reliably extract transcripts and is consistent with the stated YouTube transcript capability.
[docker-run-shell-exec] expected: SKILL.md and scripts/batch-scrape.sh use docker build/run and sh -c to execute node scripts; this is expected for a containerized scraper but means you will be running containers that execute code on your host (mounted output volume).
[playwright-crawlee-deps] expected: package.json depends on 'playwright' and 'crawlee' as expected. Installing/building these will download browser binaries and npm packages.
What to consider before installing
This skill appears to implement what it promises (Amazon/YouTube/generic scraping), but before installing or running it, consider the following:
1) SKILL.md and package.json require Docker and Node/browser dependencies even though the registry metadata says "none"; make sure Docker is available and you understand the build step.
2) The scraper runs headless browsers, intercepts network requests (used to capture transcripts) and writes output files to a host directory (default ~/scrapes) via a Docker volume; review scripts/batch-scrape.sh if you plan bulk runs.
3) Running this will perform automated scraping that may violate website terms of service or local law; confirm you have the right to scrape the targets.
4) Because the skill owner is unknown, inspect the code (assets/*.js and scripts) yourself before running it; consider running the Docker build and containers inside an isolated environment (VM) with limited network access and minimal privileges.
5) Do not supply any credentials to the skill (it does not need them).
If you want to proceed, validate the Dockerfile/build context you'll use and consider limiting the container's resources and capabilities (CPU, network) during testing.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97bn9cbr2mbn72dx9h609p9nn84vgk6
