Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Weibo Hot Search

v1.0.0

Scrapes the live Weibo Hot Search list anonymously, without logging in to a Weibo account, and saves it as a Markdown file. Use when the user says "获取微博热搜" (get Weibo hot search), "抓取热搜" (scrape hot search), "微博热搜榜" (Weibo hot search list), "不用登录查热搜" (check hot search without logging in), "匿名获取热搜" (get hot search anonymously), "get Weibo hot search", or "weibo trending".

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The skill claims to run a script at scripts/weibo-hot-search.ts that anonymously scrapes Weibo hot searches. The registry entry and SKILL.md require either bun or npx, which is reasonable for running a TypeScript script, and Chrome or Edge is needed for CDP-based scraping. However, the bundle is instruction-only and contains no scripts: the key runtime artefact the skill promises is missing, which is a major inconsistency.
Instruction Scope (flagged)
SKILL.md instructs the agent to launch Chrome/Edge via CDP and to use a browser profile directory. It also explicitly tells the agent to terminate existing Chrome/Edge CDP processes (pkill) and retry, without asking the user. The document claims both a "full new empty browser config directory" (anonymous) and a default of getDefaultProfileDir() (the user's default profile). Because of that contradiction the agent may run with the user's real profile, exposing cookies and session data, or kill the user's browser processes; both are scope creep and risky.
Install Mechanism
No install spec or downloads — the skill is instruction-only, so nothing is written to disk by the registry installation. This is low install-risk. The runtime expectation (bun or npx) is declared in SKILL.md rather than installed by the registry.
Credentials
The skill only documents two environment variables (WEIBO_BROWSER_CHROME_PATH and WEIBO_BROWSER_DEBUG_PORT), which are proportionate to controlling which browser binary and CDP port are used. There are no credential or secret env var requirements declared. However, because the instructions may use the default profile directory, the skill could indirectly access sensitive browser data despite not declaring credentials.
Persistence & Privilege (flagged)
The skill is not always:on and is user-invocable (normal). However, instructions that unilaterally kill Chrome/Edge CDP processes and potentially operate against the default browser profile grant practical privileges that could disrupt user sessions or access local profile data. Those behaviors are not justified by the stated anonymous-scraping goal and increase risk.
What to consider before installing
Do not run or enable this skill as-is. The SKILL.md points to a scripts/weibo-hot-search.ts that is missing from the package — ask the author to provide the script and a full explanation. Verify the script contents before running: ensure it explicitly launches a fresh temporary browser profile (not your default), and remove any automatic pkill logic that would terminate your browser without consent. If you do test it, run in an isolated environment (e.g., disposable VM or container) with a fresh Chrome profile and no sensitive sessions. If the author cannot supply the script or if the script uses your default profile or kills browser processes, treat the skill as unsafe.
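The checks above (fresh temporary profile, no automatic pkill, only the two declared environment variables) can be made concrete. The TypeScript launcher below is an added example written for this review, not code from the skill or its author: it builds a Chrome/Edge launch command around a throwaway user-data directory, refuses any directory that sits inside a known default profile location, validates WEIBO_BROWSER_DEBUG_PORT, and, if the port is already taken, fails with a message instead of killing whatever owns it. The list of default profile locations, the headless flag, the 9222 fallback port and the `--launch` command-line switch are assumptions of this example.

```typescript
// Added example (not the skill's own code): a launcher that never touches the
// user's real browser profile and never kills other processes.
import { spawn } from "node:child_process";
import { mkdtempSync } from "node:fs";
import { homedir, tmpdir } from "node:os";
import { join, resolve, sep } from "node:path";
import { createServer } from "node:net";

// Stock Chrome/Edge user-data roots (assumption: extend for other channels).
export function defaultProfileDirs(home: string, localAppData?: string): string[] {
  const dirs = [
    join(home, ".config", "google-chrome"),                              // Linux
    join(home, ".config", "chromium"),
    join(home, ".config", "microsoft-edge"),
    join(home, "Library", "Application Support", "Google", "Chrome"),   // macOS
    join(home, "Library", "Application Support", "Microsoft Edge"),
  ];
  if (localAppData) {                                                    // Windows
    dirs.push(join(localAppData, "Google", "Chrome", "User Data"));
    dirs.push(join(localAppData, "Microsoft", "Edge", "User Data"));
  }
  return dirs.map((d) => resolve(d));
}

// True when `dir` is a default profile root or any directory beneath one.
export function isDefaultProfile(
  dir: string, home = homedir(), localAppData = process.env.LOCALAPPDATA,
): boolean {
  const target = resolve(dir);
  return defaultProfileDirs(home, localAppData).some(
    (root) => target === root || target.startsWith(root + sep),
  );
}

// WEIBO_BROWSER_DEBUG_PORT must be a single unprivileged TCP port.
export function parseDebugPort(raw: string | undefined, fallback = 9222): number {
  if (raw === undefined || raw === "") return fallback;
  const port = Number(raw);
  if (!Number.isInteger(port) || port < 1024 || port > 65535) {
    throw new Error(`WEIBO_BROWSER_DEBUG_PORT must be an integer in 1024..65535, got ${JSON.stringify(raw)}`);
  }
  return port;
}

// Build the browser argv for a throwaway profile; refuse default profiles outright.
export function buildLaunchArgs(
  userDataDir: string, port: number, home = homedir(), localAppData = process.env.LOCALAPPDATA,
): string[] {
  if (isDefaultProfile(userDataDir, home, localAppData)) {
    throw new Error(`refusing to use default browser profile: ${userDataDir}`);
  }
  return [
    `--user-data-dir=${userDataDir}`,        // fresh profile: no cookies, no sessions
    `--remote-debugging-port=${port}`,
    "--remote-debugging-address=127.0.0.1",  // keep CDP off the network
    "--no-first-run",
    "--no-default-browser-check",
    "--headless=new",                        // assumption: headless is fine for a public page
    "about:blank",
  ];
}

// Probe the port instead of pkill-ing whatever holds it; the caller decides what to do.
export function portIsFree(port: number): Promise<boolean> {
  return new Promise((done) => {
    const srv = createServer();
    srv.once("error", () => done(false));
    srv.listen(port, "127.0.0.1", () => srv.close(() => done(true)));
  });
}

export async function launchIsolatedBrowser(): Promise<void> {
  const chromePath = process.env.WEIBO_BROWSER_CHROME_PATH;
  if (!chromePath) throw new Error("set WEIBO_BROWSER_CHROME_PATH to the Chrome/Edge binary");
  const port = parseDebugPort(process.env.WEIBO_BROWSER_DEBUG_PORT);
  if (!(await portIsFree(port))) {
    // The owner may be the user's real browser session: report, do not kill.
    throw new Error(`port ${port} is in use; choose another via WEIBO_BROWSER_DEBUG_PORT`);
  }
  const userDataDir = mkdtempSync(join(tmpdir(), "weibo-hot-"));  // new empty profile per run
  const child = spawn(chromePath, buildLaunchArgs(userDataDir, port), { stdio: "ignore" });
  console.log(`launched pid ${child.pid} with profile ${userDataDir} on port ${port}`);
}

// Only spawn a browser when explicitly asked: `bun run launcher.ts --launch`.
if (process.argv.includes("--launch")) {
  launchIsolatedBrowser().catch((err: Error) => { console.error(err.message); process.exit(1); });
}
```

The profile check is the part worth keeping even if the rest is replaced: a scraper that only needs public data has no reason to read a directory that holds the user's cookies, and a launcher that fails loudly on a busy port is strictly safer than one that retries after killing the process in the way.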


latest: vk97bp0s0vfcx19yw4y0xqkt2x182shcm


Runtime requirements: any of bun, npx
